Retain super-techs with a two-track career path. PAGE 39 Spreadsheets may be a Sarbanes-Oxley liability. PAGE 46 


THE VOICE OF IT MANAGEMENT = WWW.COMPUTERWORLD.COM 


Theft of Cisco Source Code 
Stirs Fears of Security Threat 


Vendor's reticence 
leaves users uneasy 
about extent of risk 
BY JAIKUMAR VIJAYAN 
The theft of proprietary oper- 
ating system source code from 
Cisco Systems Inc. poses a 
potentially serious security 
threat to corporate networks 
that use the company’s tech- 
And the paucity of 
information released 
by the networking gi- 
ant in the wake of last 
week’s disclosure that 
the code had been 


CA Takes Next 
Step With 
On-Demand 


Will debut Sonar tools 


at CA World this week | 


BY MATT HAMBLEN 


stolen is raising troubling ques- 
tions about what exactly hap- 
pened and the real extent of 
the compromise, they added. 
“We are all waiting to hear 
what Cisco has to say,” said 
Stephen Smith, network man- 


| ager at Keystone Mercy Health 
| Plan in Philadelphia. 


Cisco has been “unnaturally 


| and unproductively quiet,” 
| added John Pescatore, an ana- 
nology, users and analysts said. 


ene sc) 


lyst at Gartner Inc. “That gives 
the impression that 
i they are still unsure 
about the scope of the 
breach. Or they are 
sure, and it’s much 
Cisco Code, page 55 


products, a tool called eTrust 
Network Forensics that can 
identify links between IT in- 
frastructure devices from a se- 
curity perspective, was quietly 
shipped last December but has 
yet to be formally announced. 
The other modules are due to 
become available this summer 
or in the fall. 

Sonar was designed to add 


at 


COMPUTERWORLD 
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increased auto- 
mation capabili- 
ties to CA’s se- 
curity, storage, 
network and ap- 
plication per- 
formance man- 
agement prod- 
uct lines and to 
Sonar, page 55 | 


At its annual user conference 
this week, Computer Associ- 
ates International Inc. will 
announce an initial set of four 
management software mod- 
ules that use the Sonar on- 
demand computing technol- 
ogy detailed by the company 
last July. 

One of the Sonar-based 
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Customer satisfaction is dependent on 
much more than objective factors like 
price and product quality. Increasing- 
ly, IT professionals expect their ven- 
dors to pass muster on less tangible 
criteria, like a determination to work 
together as partners for the long haul. 
Patrick Thibodeau examines the new 


dynamics of deal-making in our 
special report beginning on page 6. 
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_ Howthe BBCis negotiating a $3.6B outsourcing deal. Page 7 
Customer satisfaction? Not with Microsoft's SA program. Page 10 
methodology. Page 11 


Customer satisfaction scores from a survey of 1,188 
managers by Computerworld and InterUnity Group. 
*See page Tl for explanation of rating index. 
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Opteron Leads 64-bit Revolution 


Also in the Technology section: Hector Ruiz (left), CEO of AMD, says 


Marketing Gets With the Program 


in the Technology section: Marketing relation- 


ship management software helps users such as 
ESRI’s Linda Hecht (left) automate and analyze 
marketing efforts. But deployment challenges 
are both technical and cultural. Page 21 


EMC aims at branch offices 
with data backup needs by 
offering a low-end network- 
attached storage gateway and 
an entry-level disk array. 


PeopleSoft’s initiative to 
make its business applications 
easier to install and use is 
paying off, say some users. 


A security flaw in some Wi-Fi 
wireless LANs poses little 
threat, say IT managers, as 
long as companies have the 
right skills and have shielded 
their networks well. 


Wal-Mart revises its RFID 
deadline for 2005 and says its 
top suppliers will be tagging 
only 65% of their product 
cases by January. 


TECHNOLOGY 


28 \ Gomaien Technology: Trump- 
ing Tape. Massive arrays of 
idle disks technology could 
displace tape libraries for 
some data functions. 


30 Q&A: Rules for Success. The 
CEO of Pegasystems discuss- 
es refocusing IT on process 
rather than data. 


32 Future Watch: IT vs. Fog of 
War. Researchers look for 
ways to help soldiers and 
security professionals deal 
with the chaos of conflict. 


34 Security Manager’s Journal: 
Security Team Practices 
Theft by Delusion. A key mo- 
dem and a shipment of Black- 
Berry devices go missing from 
Vince Tuesday’s company. 


MANAGEMENT 


39 Tuning Up Tech Careers. 
Here’s how some of the best 
IT employers are enhancing 
technical positions — and 
their accompanying salaries 
and benefits — to retain talent. 


44 Career Watch. A CIO ex- 
plains how he bolstered his 
IT staff with student workers; 
plus, the highest-paying IT 
certifications, and tips for 
handling poor performers. 


46 Spreadsheet Overload? The 
ubiquitous spreadsheet may 
not be good enough for heavy- 
duty financial planning and 
reporting in the Sarbanes 
Oxley era. But it’s likely to 
survive as a user-friendly 
presentation tool. 


Opteron is changing the industry-standard server. With the intro- 


duction of Intel’s 64-bit extension chip this summer, vendors expect 
to ship more and more boxes with either Opteron or Intel’s version 
of the x86. All users will need are the applications. Page 26 


- OPINIONS 


8 On the Mark Mark Hall finds 
* vendors differing on whether 
security begins inside or out- 
side the firewall. 


Maryfran Johnson wonders 
if readers care that the strict 
guidelines about the place- 


ment of advertising and edito- 


rial content in print are ig- 
nored on the Web. 


Pimm Fox predicts that music 


stores will be empty shells 
within a decade. And the 
music industry still doesn’t 
know how to cope with that. 


Michael Gartenberg says that 
although it isn’t perfect, the 
ThinkPad X40 is one of the 


best notebooks he’s ever used. 


Tommy Peterson writes that 
knowledge-based software 
changes the way users think 
about problems. 


3 Paul M. Ingevaldson says you 
don’t have IT projects; you 
have business projects. The 
CIO of Ace Hardware says 
IT alignment comes when 
the entire business shares 
responsibility. 


ankly Speaking: Frank 
Hayes fears it may be too late 
to stop the move to add more 
top-level domains to the Net. 
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What mobile device would be 
hardest for you to give up? 


Cell phone 


Calculator 
slide rule 6.5% 


@ Take this week's QuickPoll at www.computerworld.com. 
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Audit-Proof Your Infrastructure 


Help your company get through 
the audit process with these five tips from 
Jonathan Wolf, co-founder and executive 
vice president of Gold Wire Technology Inc. 
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User-Level Memory Management 

This excerpt from Linux Pro- 
gramming . Example: The Fundamentals ex- 
plains memory management and the Linux 
Unix address space. @ QuickLink 46780 


How to Plan for Data Migration 

NCE: Two Avanade con- 
siiaesi suggest steps you should take before 
moving or consolidating critical data. 
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What's a QuickLink? 
Throughout each issue of 
Computerworld, you'll 

see five-digit QuickLink codes 

pointing to related content on 
our Web site. Also, at the end of 
each story, a QuickLink to that 
story online facilitates sharing it ° QuickLink al430 
with colleagues. Just enter any Knowledge Centers 

of those codes into the Quick ° QuickLink a2570 

Link box, which is at the top of - 

every page on our site he Online Store 
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New Dynami 
Of Deal-Makin 


It’s not just about products and prices. 
Users want commitment. By Patrick Thibodeau 


them to boost their bottom 

| lines. 

Price remains important, 

| but it’s not the only thing Ron 
Calderone wants to discuss. 

| The CIO at Reliant Pharma- 

| ceuticals Inc. in Liberty 

| Corner, NJ., Calderone sees 

| vendors as strategic business 
partners, and he has a list of 
criteria they must meet, 

| among them adoption of ac- 

| ceptable service-level agree- 
ments (SLA), adherence to 

| standards and integration with 
existing platforms. Calderone 
also wants to hear about each 
vendor’s strategic vision and 

| plan for executing it. 

“Tf they really don’t know 


HEN HIS 4-year-old 
Hewlett-Packard 
server died recent- 
ly, Steve Brown 
thought that moving his data 
replication software to a new 
two-way HP server would be 
simple. Was he ever wrong. 

Brown, vice president of IT 
at ECMD Inc., a building com- 
ponents manufacturer in 
North Wilkesboro, N.C., said 
the software vendor, whom 
he declined to name, told him 
his licensing fee would be 
bumped up by $25,000. The 
reason, the vendor said, was 
that the software pricing was 
now based on processor 
speed, and Brown’s new two- 
way server was at least three 
times faster than the old one. 
Brown was incredulous. “I 
told them it was ridiculous to 
pay a dime,” he said. 

After a lot of negotiation, 
Brown got the vendor down to 
a $7,000 increase. But it still 

left a bad taste in his 
mouth. “I think it’s got- 
ten more complicat- 
ed for you to buy 
[software], and 
more complicated 


§\ for you to maintain 
ta\ what you’ve 
\>— bought,” he said. 
Indeed, many users 
complain that dealing with 
vendors is becoming more 
complex as new pricing and 
licensing models emerge and 
outsourcing options gain 
prominence. And according 
to the results of a 
survey of nearly 


| 1,200 IT and business man- 


agers conducted by Computer- 
world and InterUnity Group 
Inc., their biggest beef is with 


| software vendors. The highest 


customer satisfaction ratings 
went to vendors with large 


| hardware product lines as well 


as software, like HP and IBM. 
Still smarting from the tech- 


| nology spending downturn, 


vendors are finding they have 
to work hard to gain the busi- 
ness of a demanding and se- 
lective user community. Users 
not only want to reduce the 
number of vendors they deal 
with; they want those vendors 


| to demonstrate a long-term 
| commitment to working with 


One of the 

cornerstones 
for a successful 
relationship is 
having really tight 
SLAs that you can 
stay on top of. 


BEN GLICHER, CTO 
EQUILEND HOLDINGS LLC 
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where they’re going, then why 
would you want to follow 


| them?” said Calderone. 


Ben Glicher, chief technolo- 


| gy officer at Equilend Hold- 

| ings LLC in New York, sought 
| an SLA calling for 99.9% up- 

| time in his managed services 
| contract with San Francisco- 

| based Totality Corp. His con- 
| tract includes financial penal- 


ties and an ever-present threat 


| of termination under a hybrid 
| management model that in- 

| volves direct day-to-day inter- 
| action with the vendor. 


“One of the cornerstones 
for a successful relationship is 
having really tight SLAs that 


| you can stay on top of,” Glich- 


er said, adding that the strict 


ors InterUnity Customer Satisfaction 
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SLAs have led to even better 
uptime than he had anticipat- 
ed. And there’s only one re- 
ward for good performance: 
“We renew the contract,” he 
said, noting that EquiLend 
recently did just that. 


Tough Talk 

Taking a tough stance with 
vendors is essential through- 
out the contract negotiation 
process, including the intro- 
ductory phase, many users 
have found. 

For instance, if a vendor 
says it has 200 customers us- 
ing a product, Walter Fahey, 
vice president and CIO at 
Maimonides Medical Center 
in New York, said he wants to 
“see a sheet of paper with 200 
clients on it.” Fahey doesn’t 
want the vendor’s cherry- 
picked reference accounts. 
“You've got to twist their 
arms,” he said. 

“The vendors need us more 
than we need them, because 
there are other IT solutions 
out there,” said Charles Kruse, 
vice president of IT services 
at AmeriCredit Corp., an auto- 
mobile finance company in 
Arlington, Texas. “Whether 
they are as good technologi- 
cally might not matter” be- 
cause of all the considerations 
aside from the merit of the 
technology itself, he added. 

Those considerations in- 
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Matchmaking at the BBC 


JOHN VARNEY, the British 
Broadcasting Corp.’s chief 


Corp. and Siemens Business 
Services Inc. The winner will 


technology officer, is involved 
in what may be the largest 
outsourcing deal to be negoti- 
ated by any corporation this 
year. And the closer he gets 
to picking a vendor, the more 
the process seems to take on 
an online-dating air. 

The BBC intends to turn 
over the operations of its 
1,400-employee IT arm, BBC 
Technology, to an outsourcer 
under a 10-year contract val- 
ued at about $3.6 billion. 
After narrowing an initial list 
of bidders to nine in February, 


be announced in July. 

As the arduous process 
draws to a conclusion, what’s 
becoming very important to 
Varney are the at- 
tributes of the three 
final bidders’ team 
leaders. “There is 
going to have to be a 
chemistry,” said 
Varney, “and an 
understanding of 
each other’s aims 
and objectives.” 

The BBC is using 
a rigorous evalua- 


Pa aa BC) 


the BBC earlier this month 


picked the final three: Accen- 
ture Ltd., Computer Sciences 


clude knowing when vendors 
| are most likely to be willing to 
make special concessions. 


Kent Brumbaugh, corporate 


| supplier portfolio manager at 
Huntington Bancshares Inc. in 


Columbus, Ohio, said vendors 


| are intensely focused on mak- 
| ing their quarterly and annual 


revenue projections. So when 
he wants to strike a deal, he 


tion process, but 
subjective elements 
are clearly rising in 


waits for just the right time. 
“They’re very proactive at 
the end of quarters,” said 
Brumbaugh, adding that if 
changes to a purchase con- 
tract are needed, “they’re very 


accommodating.” 


Bob Venable, manager of 
enterprise systems at Blue- 
Cross BlueShield of Tennessee 
Inc., said he uses timing with 


ER Me Mt 
istry” with his out- 
sourcing vendor. 


Upgrade Policies 


HP 
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Microsoft 
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PeopleSoft 


importance in comparison 
with the objective considera- 
tions that helped winnow 
down the initial list. 
Objective measures and 
scoring on criteria such as 
size, financial strength and 
understanding of the broad- 
cast market helped the BBC 
cut the list of ven- 
dors from 31 to 
nine. Subjective 
measures included 
a sense of the cul- 
tural fit the vendor 
will have with the 
BBC. 


erences, pricing 
and feedback from 
the BBC’s user 
community all re- 


tors in the final se- 


vendors such as IBM to sweet- 
en the pot in negotiations and 
to do some mutual back- 
scratching. 

“We always look for non- 
monetary ways we can help a 
vendor so that they can help 
us monetarily,” said Venable. 
“If we know we need some- 
thing within the next six 
months but a [vendor] is quar- 
terly-driven, it may mean... 
buying at the end of this 
month instead of two days 
into next month.” 

Such relationship-building 
is essential, users say. And 
they expect the vendor to do 
its part by demonstrating a 
genuine interest in the cus 
tomer’s business. 

Michael Brooks, vice presi- 
dent of information systems 


and technology at Stock Build- 


ing Supply, a Raleigh, N.C.- 
based distributor, recently 


switched router vendors, mov- 


ing from Nortel Networks Ltd. 
to Cisco Systems Inc. Brooks 
said he felt Cisco was more 
sincere in wanting to establish 


| a true partnership. 


“They courted us for quite a 


| while without [anything on 


| the] sales side [going] to 


them,” Brooks said of Cisco. 


| The vendor’s top regional rep- 


The vendors’ ref- 


main important fac- 


lection process. But Varney 
made it clear that the capa- 
bilities of the vendors’ team 
leaders are essential to a 
successful relationship, and 
key factors in the final 
choice. 

“It’s not going to work if 
the leader on the provider 
side and myself and the team 
don’t get on,” said Varney. 

As Varney gets to know the 
team leaders from the surviv- 
ing bidders, he will be looking 
for someone with a passion 
for delivery of service and for 
what the BBC is doing. And 
he will expect “an under- 
standing of what it is like to 
work inside a huge, creative 
organization,” Varney said. 
“There can’t be any mis- 
match.” 

- Patrick Thibodeau 


The ven- 

dors need 
us more than we 
need them, be- 
cause there are 
other IT solu- 
tions out there. 


CHARLES KRUSE, VP OF IT 


AMERICRE T CORP 
Wil AN nN 


resentative met regularly with 
Brooks, and they would go out 
to lunch once a quarter to talk 
about their respective compa- 
nies. “It was truly, ‘We want to 
learn about you,’ ” Brooks said, 
adding that the lack of pres- 
sure tactics was refreshing. 

“It got to the point ... where 
I felt very comfortable talking 
about our issues, and he was 
very responsive and the team 
behind him was very capable,” 
Brooks said. 

When Stock Building Sup- 
ply had a virus on its network, 
Cisco “came like they were a 
longtime partner of ours and 
assisted us, which I appreciat- 
ed a lot,” Brooks said. “That 
played a lot in our decision to 
go with them.” The change in 

Continued on page 10 





¢ 


© COMPUTERWORLD May 24, 2008 


Oracle Links DBs 
To Visual Studio 


Oracle Corp. announced plans to 
join Microsoft Corp.’s Visual Stu- 
dio industry Partner program and 
tightly integrate its databases 
with Visual Studio .Net 2003. 
Oracle sells its own development 
tools but said the increased ties 
to Visual Studio should make it 
easier for Windows developers to 
write code for Oracle databases. 
The integration code is due to be 
available for download from Ora- 
cle’s Web site later this year. 


IBM Asks Judge to 
Drop SCO Claims 


IBM asked a federal judge to 
throw out copyright infringement 
claims made by The SCO Group 
Inc. as part of its Linux-related 
lawsuit against IBM. In a court 
filing, IBM said SCO has been 
unable to provide any evidence of 
infringement thus far. An SCO 
spokesman said the Lindon, Utah- 
based vendor is still examining 
software code and documents 
turned over by IBM and expects 
to be able to prove its claims. 


PPCM ISS ETRE, nate 


Symantec Agrees | 
To Buy Brightmail 


Symantec Corp. said it plans to 
buy Brightmail Inc., an antispam 
software vendor in San Francisco, 
for about $370 million in cash. 
Cupertino, Calif.-based Symantec 
already owns an 11% stake in 
Brightmail, which bundles Syman- 
tec’s antivirus software with its 
tools for blocking spam e-mail 
messages. The deal is expected 
to be completed in early July. 


IBM Extends Deal 


On Virtualization 


IBM has extended through 2007 
a contract under which it resells 
server virtualization software de- 
veloped by VMware Inc. in Palo 
Alto, Calif. The 2-year-old deal 
with VMware, which is now 
owned by IBM storage rival EMC 
Corp., was due to expire this year. 
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HOT TECHNOLOGY TRENDS, NEW PRODUCT 
NEWS AND INDUSTRY GOSSIP BY MARK HALL 


Trip Up Spammers 
Via Today’s SMTP .. . 


. .. Standard using Mirapoint Inc.’s MailHurdle option, 


available this week. It’s in the Sunnyvale, Calif.-based 


company’s release of Message Operating System 3.5, 
which runs on its RazorGate appliances. Tim Chiu, 
manager of security products at Mirapoint, claims 
that alternative methods to fight spam with the 


Simple Mail Transfer Proto- 
col (SMTP), such as Micro- 
soft Corp.’s CallerID technol- 
ogy “require buy-in from 
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everyone you receive mail 
from” and don’t use existing 
standards, demanding instead 
that you boit on additional 
protocol processes. Not very 
likely. But MailHurdle detects 
suspect messages outside 
your network and applies 
SMTP’s current resend tech- 
nique, which spammers ig- 
nore because of the added 
overhead, Chiu says. Accord- 
ing to Mirapoint, MailHurdle 
achieves an 80% block rate 
for incoming tainted mes- 
sages, including viruses, and 
eliminates 98% of the remain- 
ing unwanted e-mail 

through its analytics. Chiu 
suggests that “analytics 

are your last resort, not 

the first,” because it 





means the spam and viruses 
are already inside your net- 
work. That said, Mirapoint 
has added analytic rules in 
the 3.5 upgrade to, among 
other things, fight the in- 
crease in phishing attacks. 
The MailHurdle option costs 
just over $3 per 1,000 users. 


Nokia readies high-end 
fast, diskless . . . 

. . - firewall and its little brother to 
extend its line of security products 
next week. Nokia Corp.'s IP 
2250 can handle more than 
47,000 connections per sec- 
ond over virtual private net- 
works from its partner Check 
Point Software Technologies 
Ltd. in Redwood City, Calif. 
The IP 2250 eschews disk 
drives for Compact Flash to 
handle log data. But Dan Reis, 





platform manager at Nokia’s 
Enterprise Solutions group in 
Mountain View, Calif., says 
most companies use external 
servers to track firewall- 
processing data. He adds that 
mean time between failures 
is extended without the me- 
chanical drives. Nokia on 
June 1 is also shipping its IP 
1220 firewall, designed for 
midsize firewall needs, which 
can handle 20,000 connec- 
tions per second. 


Compliance 
demands more. . . 
. .. than security hardware to 
keep you out of hot water, espe- 
cially for your 
offshore oper- 
ations, warns 
Pam Gupta, 
president of 
OutSecure 
" Inc., a Bridge- 
ky port, Conn.- 
based security 
consultancy with offices in 
Delhi, India. She says you 
need to have an overall best- 
practices security policy, ide- 
ally one based on either the 
International Standards Orga- 
nization 1799 or the British 
Standard 7799 security stan- 
dards. A standards-based pol- 
icy will help you square off 


| with auditors concerned with 


the Health Insurance Porta- 
bility and Accountability Act, 
the Gramm-Leach-Bliley Act, 
the Sarbanes-Oxley Act and 
other regulations that de- 
mand tough security and pri- 
vacy processes. Alas, she 
says, few companies in the 
U.S. have such a standards- 
based policy and probably 
even fewer know whether 
those standards are applied 
at their offshore outsourcers. 
Stan Lepeak, an analyst at 
Stamford, Conn.-based Meta 


| Group Inc., adds that CIOs 


and chief financial officers 
generally don’t have a clue 
about the internal con- 
trols of their outsourcers, 
whether they are in the 
U.S. or overseas. And, he 





says, “Indian firms don’t have 
a story” when it comes to 
compliance. For example, 
Lepeak says companies that 
have set up order-taking call 
centers in India may find 
themselves in trouble with 
Sarbanes-Oxley auditors if 
those auditors ever settle on 
specific rules and processes 
for companies to follow. 
That’s why he’s amused at the 
results of a Meta survey that 
found 20% of more than 200 
corporate managers believe 
that their companies are al- 
ready certified for compli- 
ance with Sarbanes-Oxley, 
which is impossible without 
those auditing rules in place. 
More frightening is another 
survey finding: 41% believe 
they'll bomb their Sarbanes- 
Oxley test. 


Offshore compliance 
may be troubling... 
. .. but outsourced product de- 
velopment need not be a chore 
at all. Or so 
goes the 
thinking be- 
hind the on- 
line product 
life-cycle 
management 
(PLM) service 
from Arena 
Solutions Inc. 
in Menlo Park, Calif. Accord- 
ing to CEO Michael Topolo- 
vac, companies that build 
widgets and gizmos overseas 
encounter expensive prob- 
lems from engineering 
change orders that get over- 
looked or misinterpreted by 
overseas manufacturers. Such 
problems are less likely with 
Arena’s Web-based PLM of- 
fering, he claims. Now on 
Version 6.3, the service-based 
software is scheduled for its 
next release by early summer 
and will add more granular 
controls over who can see 
what data and when. Topolo- 
vac also boasts that his ser- 
vice is “10 times more effi- 
cient” than his client/server 
competitors. @ 47030 
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| Continued from page 7 
| router vendors was made last 


fall. 
In some cases, vendors are 


| taking steps to build the rela- 

| tionship by simplifying licens- 
| ing terms. Sun Microsystems 

| Inc. and PeopleSoft Inc., for 

| instance, offer pricing options 
| based on the number of em- 

| ployees a company has. 


A PeopleSoft deal negotiat- 


| ed by Casey McMullen, direc- 
| tor of IT systems at Agri Beef 
| Co. in Boise, Idaho, took the 

| per-employee approach rather | 
| than one based on the number 

| of licensed users or concur- 
| rent-log-ins. McMullen said he | 
| has found it to be a simple, 


reasonable pricing model. 
Clearly, for many users of 
ERP software, licensing re- 


|} mains a challenge. SAP AG’s 


licensing is particularly con- 
fusing, said Ronald Moses, 
ERP business analyst and 
team leader at Arctic Cat Inc., 
a Thief River Falls, Minn., 
maker of snowmobiles. “It’s al- 
most like we have to have an 
onboard atlas” to navigate it, 
he said. 


| 





Customer Service | 


EXCELLENT GOOD FAIR POOR 


EMC 
Oracle 
PeopleSoft 
Microsoft 
SAP 

CA 


But Autumn Bayless, CIO at 
Tasty Baking Co. in Philadel- 
phia, said the company’s my- 
SAP suite license is simple 


| enough, with an unlimited use 


category that overcomes a lot 
of the typical complications. 


NEWS SPECIAL REPORT 


Note: The ICSI 
Index 


aiaeintn 


Still, it’s software contracts 


| that appear to create the 

| biggest headaches for users. 

| For example, Randy Roth, a 

| contract negotiator at Corpo- 
| rate Contracts LLC in Des 


Moines, said many software 


29% 
28.7% 
32.6% 
20.8% 
16.5% 
13.9% 

9.1% 
16.1% 
8.8% 
12.9% 
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vendor's InterUnity Customer Satisfaction 


45.5% 186% 6.8% 


46.8% 17.3% 7.3% 


38.1% 16.7% 12.5% 


47.6% 21.8% 9.8% 


43.2% 276% 12.7% 


44% 27.1% 15% 


43.6% 291% 18.2% 


34.2% 274% 22.3% : 


413% 30.9% 18.9% 


36.7% 265% 23.9% 


| vendors fail to indemnify 


users against infringement of 
intellectual property, which is 
one of the problems Linux 
users are facing in The SCO 
Group Inc.’s ongoing copy- 
right-infringement case 


Users Rate Microsoft Last in Licensing Policies 


SCORES OF USERS cried foul when 
Microsoft Corp. introduced a new li- 
censing program three years ago, 
and many are still sorting out the 
best way to deal with it. 

Respondents to the Computer- 
world/interUnity Group customer 
satisfaction survey rated Microsoft 
last among 10 leading technology 
vendors in the area of licensing 
policies. 

That's hardly an encouraging sign 
for Microsoft as it enters an impor- 
tant stretch with its volume-licensing 
customers. Contracts are coming up 
for renewal, and many users are 
casting a more discriminating eye at 
the Licensing 6.0 maintenance pro- 
gram that caused a commotion 
when Microsoft announced it. 

Wyndham International Inc. 
bought into the new Software Assur- 
ance program to upgrade its servers 
from Windows NT to Windows Serv- 
er 2003. Mark Hedley, Wyndham’s 
chief technology officer, said the 
company saw a benefit, since SA 


licenses cost less than full licenses. 
But Irving, Texas-based Wyndham 
won't renew its SA deal. 

“Since it's very difficult to project 
IT initiatives into the next four years,” 
said Hedley, “it's not clear whether 
or not SA is worth the extra cost.” 

Wyndham's SA contract runs until 
2005, but many users bridged the 
gap to the new program by signing 
up for Licensing 5.0’s two-year Up- 
grade Advantage option. Like the SA 
program, Upgrade Advantage enti- 
tles customers to upgrades of cov- 
ered products released during the 
contract term. 

Sunny Charlebois, a product man- 
ager for Microsoft licensing, ac- 
knowledged that the company isn't 
expecting many Upgrade Advantage 
customers - whose contracts all ex- 
pire by July 31 - to move to Licens- 
ing 6.0’s SA program. 

“We, of course, hope they do re- 
new, but based on our business 
analysis, Software Assurance may 
not make the most sense for their 


businesses,” she said. “They're typi- 
cally customers that want to acquire 
a perpetual license and use it as long 
as possible and possibly purchase 
additional services.” 

Under Microsoft's old program, 
customers chose when they wanted 
to pay for a discounted upgrade. 


Now, the typically three-year SA con- 


tracts require them to annually pay 
29% of the license cost 
for desktop software and 
25% for server software. 
That is a particularly bitter 
pill to swallow for those 
who find the percentages 
out of line compared 

with those of their other 
vendors. 

Microsoft has been 
beefing up SA, most no- 
tably adding training, 
support and Office home- 
use rights in September. 
“We've got more work to 
do, and we are moving in 
the right direction in 


REID HORN 
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at times like a 
“hostage.” 


terms of making some contract 
changes and improving the value 
of Software Assurance,” said 
Charlebois. 

Yet IT managers interviewed by 
Computerworld said that they expect 
an upgrade as part of an SA contract 
and weigh their SA decisions based 
on their needs for new products. 

Cleveland-based KeyCorp got its 
money's worth by pur- 
chasing SA on Microsoft 
Office 2003 for its more 
than 18,500 users, ac- 
cording to Mark Chiac- 
chiari, vice president of 
desktop systems engi- 
neering. But with no 
plans to upgrade for at 
least three years, the 
company won't renew its 
SA contract, he noted. 

“Long term, it will be 
more cost-effective to 
acquire the licenses for 
the next version of Office 
instead of maintaining 


SA,” Chiacchiari said. 

The new SA support options are 
no enticement. Chiacchiari said Key- 
Corp’s Premier Support is “the opti- 
mal method” with Microsoft provid- 
ing a technical account manager and 
higher-quality resources. 

A technology director at a large 
manufacturing firm estimated that 
his company saved $85,000 on inci- 
dent calls and $45,000 on training 
using SA enhancements. But he said 
it wasn’t enough to compensate for 
the costs. He suggested that Micro- 
soft extend SA to five years and re- 
duce the annual fee to 20%, a trade- 
off that might be reasonable for 
consistency. 

With his company's server agree- 
ments up for renewal next month, 
the director, who asked not to be 
named, said he worries about the 
impact that canceling an SA agree- 
ment might have on his relationship 
with Microsoft. “Any company is 
going to provide a different level of 
service to a customer who buys a 
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[QuickLink a3260]. If a vendor 
refuses to provide indemnifi- 
cation, “we're advising compa- 
nies to not buy that software, 
because [the vendor] probably 
stole it from somewhere,” 
Roth said. 

And hardware vendors can’t 
take users — even longtime 
users — for granted, either. 
Some users are finding that 
moving to open standards 
makes it easier to rip and re- 
place their systems. If a new 
vendor is wiliing to help cover 
the transition costs, it just 
might have a deal. 

John Montgomery, vice 
president and CTO at Embar- 
cadero Systems Corp., an Ala- 


shipping and cargo manage- 
ment systems, is planning a 
major data center upgrade 


next year. HP is the incumbent | 
| the vendor's direction, he said. | 


vendor, and it’s going up 
against IBM. 

“We're going to pit them 
against each other,” said 
Montgomery, noting that there 
are already telling indications 
of which vendor wants his 
business more. 


little rather than a lot,” he said. 

A technology portfolio manager at 
a financial services firm who asked 
not to be identified said his company 
timed SA perfectly to upgrade to 
Windows Server 2003 and Office 
2003. But that positive experience 
didn’t turn him into a believer in the 
SA approach. “It's costly, with no 
guarantees,” he said. 

The portfolio manager, who nego- 
tiates deals with his firm's major ven- 


We're 

going to pit 
them [HP and 
IBM] against 
each other. 


JOHN MONTGOMERY, 
VICE PRESIDENT AND CTO 


EMBARCADERO SYSTEMS CORP. 


HP is “operating in a fashion 
that may not get them the 
business,” he said. “I think they 
are thinking that we will just 
continue to stay with them.” 

IBM, meanwhile, “is being 
very, very aggressive,” he said. 


| IBM is flying Montgomery and 
meda, Calif.-based provider of | 


several members of his team 
to Austin next month for a 


| small meeting, along with 


some other customers, to get a 
“high-powered” overview of 


Montgomery noted that an 
HP resource center he recent- 


| ly visited didn’t measure up to 


what IBM is offering. 

Since moving to a new ven- 
dor would be difficult because 
of all the work and retraining 


dors, said a three-year contract is 
too unpredictable both from the 
standpoint of his firm's ability to in- 
stall new products and of Microsoft's 
sometimes erratic release schedules. 
Some SA customers may not get 
upgrades during their contracts. SQL 
Server 2000 users won't see a new 
version until 2005. Windows XP 
came out in October 2001; its suc- 
cessor, code-named Longhorn, is 
expected in 2006. The Longhorn 


involved in the change, any 
IBM proposal will have to be 
compelling and take into ac- 
count transition costs. But so 
far, “it seems like IBM is 
putting more resources to- 
ward getting our business than 
HP [is],” he said. 

Joe Heasley, CIO at Gates 
Corp., a Denver-based auto- 
motive parts maker, said that 
in negotiating with multiple 
vendors, it’s essential that the 
same expectations and re- 
quirements are communicated 
to all of them so they start off 
on an equal footing. 

“A lot of people have sepa- 
rate conversations [with ven- 
dors], and they don’t set ex- 
pectations with vendors to 
where you have a level playing 


| field,” said Heasley, who re- 
| cently purchased two HP 


Superdome servers. 
Letting the vendors know 
exactly what you want, he 


| said, “lets them all put their 


| best foot forward.” @ 47045 


| Matt Hamblen, Lucas Mearian 


| and Marc L. Songini con- 
| tributed to this story. 


server is due in 2007, four years af- 
ter the last release, although an in- 
terim edition is planned for 2005. 

Yet SA and Enterprise Agree- 
ments (which have SA built in) hold 
appeal for some companies - espe- 
cially those trying to reduce the has- 
sle of tracking licenses or establish a 
predictable budget. Microsoft said it 
expects up to 75% of EA users to 
renew this year. 

Tom Shelman, Dallas-based ClO 


‘SPECIAL REPORT 


SURVEY METHODOLOGY 


Concord, Mass.-based InterUnit 
Group Inc. and Computerworld 

ed a study of customer 
satisfaction with the products 
and policies of 10 enterprise IT 
vendors. A total of 1,188 users 
responded between April 5 and 14 
2004 


DATA COLLECTION: Computer- 
world editors and InterUnity Group 
researchers designed the survey 
IT executives gathered from Com- 
puterworldand InterUnity Group 
lists were invited to participate in 
the study by e-mail, and the ques- 
tions were posted on a Web site. 


DATA VALIDATION: To ensure the 
integrity of the responses, user 
identification information, including 


CREDITS 
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of Northrop Grumman Corp., said ac- 
quisitions left his company with 
every form of agreement Microsoft 
has, and Northrop Grumman will opt 
for a new EA to ease administration 
and total cost of ownership. But the 
decision wasn't made lightly. 
“Because we decided to be a very 
homogeneous Microsoft shop for the 
desktop, that makes me at times feel 
very much like a hostage to Micro- 
soft from a pricing standpoint,” he 
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“mail address, was required 
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ent bias based on company 

size or hidden vendor re 


scNoOnses 
espons 


ICO. 


ABOUT THE VENDORS: The p 
shed results include qualified re- 
sponses from active users of the 
vendors’ products anc 
A minimum of 200 valid user re- 
sponses were required per vendor 
The study assigned an objective 
and strictly quantitative score indi- 
cating how users evaluated the 
vendor. The InterUnity Cus- 
tomer Satisfaction Index 
(ICSI) is a quantitative score 
based on the number of customers 
who rank their vendor as “excel- 
lent” and “good,” while adjusting 
for the number of customers who 
reported a “poor” experience. An 
CSI of 100 is average 


READ THE REPORT 
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said. “They know | service 123,000 
people and have about 90,000 
clients. They know changing that 
would be a big deal.” 

Shelman said the strategic archi- 
tecture group will explore alterna- 
tives. “If there is a better way to add 
shareholder value, | don’t care what 
product I’m using,” he said. “| am 
always seriously looking at other 
options.” 

~ Carol Sliwa 


Microsoft Licensing Policy Timeline 


JULY: Enterprise Edition Serv- 
er “Step-up License” lets 

users of Standard Edition up- 
grade for cost differential. pf 


MAY: Microsoft announces addi- 
tion of support, training and Office 
home-use benefits to Software 
Assurance, effective Sept. 1. 


ee ane 


JULY 31: Deadline to sign up for 
Licensing 6.0 Software Assur- 
ance, Licensing 5.0 two-year 
Upgrade Advantage option. 


MARCH: Release of SQL Server, 
code-named Yukon, delayed to 
2005, creating four-year-plus 
time frame since the previous 
release. 


2004 


-—— 
MAY: Microsoft announces server disaster 
MARCH: Microsoft SEPTEMBER: Step-up License option _ recovery benefit for Software Assurance and 
launches Open added for Office Standard users to plans to make available MapPoint Web services 
Value program. upgrade to Professional Edition. and Microsoft Office Live Meeting in July. 


OCTOBER: Microsoft extends enrollment 
deadline to July 31, 2002; Licensing 5.0 
version upgrade program ends. 





COMPUTERWORLD May 24, 2004 


NEWS 


EMC Extends Its Storage 
Reach to Branch Offices 


New NAS gateway and entry-level array 


are designed to automate data backups 





BY LUCAS MEARIAN 
MC CORP. IS ROLLING out 
a one-two combination 
of low-cost storage de- 
vices targeted at cor- 
porate IT managers who want 
to eliminate the hassles associ- 
ated with doing lo- 
cal backups of data 
from servers to 
tape drives in re- 


MORE NEW: 


mote offices. 
EMC last week 
announced a net- 
work-attached 
storage (NAS) gateway device 
that operates under Windows 
and starts at $6,100. Sources 
said the company plans to 
soon add an entry-level disk 


infringed on EMC patents 


@ QuickLink 46967 
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| array code-named Piranha 
that has a base price of about 
$5,000 and can work with the 
NetWin 110 NAS Gateway. 
Tom Joyce, senior director 
of NAS product marketing at 
EMC, said the vendor hopes 
to sell hundreds 
of NetWin 110s to 
large companies 
that want to con- 
solidate direct- 
attached storage 
capacity in branch 
offices into disk 
arrays. He added that users 
| can install the gateway 
device without help from 
EMC, which “brings us into 
| an entirely new territory.” 


rules that HP 


Users Praise PeopleSoft’s 
Program to Simplify Apps 


BY MARC L. SONGINI 

AS VEGAS 
A half-dozen PeopleSoft Inc. 
users last week said that the 
company’s year-old effort to 
simplify its software is yield- 
ing results, making the busi- 
ness applications easier and 
less expensive to install, main- 
tain and upgrade. 

For example, IT personnel 
at Harris Trust and Savings 
Bank in Chicago expect to 
complete an upgrade to Ver- 
sion 8.8 of PeopleSoft’s Enter- 
prise financial applications in 
as little as eight weeks, said 
William Kragh, vice president 
of the bank’s financial control 
group. 

At its 2004 Leadership Sum- 
mit here, PeopleSoft said it has 
built simplification features 
into the Enterprise Financial 
Management 8.8 software, 
plus two other application up- 
grades and two releases of its 
development, deployment and 
management tools. The soft- 


| ware vendor launched the ini- 
tiative at last year’s conference 
| [QuickLink 38337]. 

The products shipped thus 
far represent only a subset of 
PeopleSoft’s technology, but 
the company announced that 
easier-to-use versions of its 
CRM software and the mid- 
market applications first de- 
| veloped by J.D. Edwards & Co. 
will be available next month. 


Time Saved 
According to PeopleSoft, test- 
ing of the products that have 
been shipped thus far showed 
a streamlining of various IT 
tasks, including a 20% reduc- 
| tion in overall implementation 
times, an 80% cut in the num- 
ber of steps needed to apply 
application updates and a 44% 
reduction in the time it takes 
to diagnose and solve any 
problems. 
The vendor has devoted 
more than 1,000 developers to 
the simplification program, 








However, the NetWin 110’s 
price tag could escalate quick- 
ly when users add EMC’s 
Clariion CX midrange disk ar- 
rays to handle data storage for 
the gateway, as well as data 
backup software. The Clariion 
line now starts at $32,000 to 
$122,000. 

The addition of the Piranha 
array, which is expected to be 


formally called the AX100, will 
| give users a much less expen- 
| sive storage option, according 


to the sources. EMC officials 
declined to comment about 
the Piranha plans. 

IT managers said Windows- 


| based technology such as Net- 


Win could heip them reduce 


| the problems surrounding 


tape backup of direct-attached 


| storage in remote offices, such 
| as the potential for mechani- 


PeopleSoft 
announcements: 


Alem Ure tne me lale ms (ehVe lee. 


Ss forecasting 


which is dubbed Total Owner- 
ship Experience, or TOE. 
Nanci Caldwell, PeopleSoft’s 
chief marketing officer, said 
the vendor is halfway to its 
goal of reducing software own- 
ership costs by 60% via im- 
provements such as increased 
end-user productivity and en- 
hanced maintenance and im- 
plementation capabilities. 
“This is not hype,” she said. 





| we can use our tape library to 


| ina quarter-century of IT 
; work. “We accomplished it 
| under budget and on time,” 


| month plans to roll out the 8.8 


| director of data infrastructure, 


| stall a significant number of 





cal and human failures. 

Steve Spieler, a systems engi- 
neer at Wells’ Dairy Inc. in Le 
Mars, Iowa, said he recent- 
ly bought two of EMC’s S 
higher-end NetWin 200 
NAS gateways and combined 
them with an entry-level Clari- 
ion CX300. Wells’ Dairy, which 
sells dairy products under the 
brand name Blue Bunny, has 
six remote offices, plus sales 


| representatives who work from 


home. Spieler said he wants to 


| replicate data from remote lo- 


cations to one of the NetWin 
200s, which will mirror the in- 
formation to the other NAS de- 
vice in a secondary data center. 
The dairy is also installing 
data-replication tools devel- 


oped by EMC’s Legato Soft- 
| ware division in some of its 
| branch offices. Using the 


Legato RepliStor software 


| “will alleviate backing up 
| those machines,” Spieler said. 


If a branch-office server goes 
down, “that data is here, and 


recover it,” he added. 


George Muller, CIO at Im- 


| perial Sugar Co. in Sugar Land, | 
| Texas, said a recent upgrade 
| from the PeopleSoft 7 finan- 


cial applications to Version 8.4 
was the smoothest he has seen 


Muller said. “I think TOE has 
been a big part.” 

The University of Florida in 
Gainesville runs PeopleSoft’s 
portal software and next 


financials module and 8.4 hu- 
man resources software. 
Mike Conlon, the school’s 


said IT staffers have had to in- 


patches and upgrades, a proc- 
ess that has gotten easier due 
to new diagnostic tools from 
PeopleSoft. 

Conlon said he’s also inter- 
ested in a tool that’s designed 
to help IT workers identify the 
patches that are needed for a 
specific PeopleSoft release, al- 
though he said it could take un- 
til next year for all his applica- 
tion versions to support the 
change-assistant tool. @ 47048 | 
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PRODUCT DETAILS 


NetWin 110 
NAS Gateway 


@ A 1U device that runs Windows 
Storage Server 2003 


® Supports up to 35TB of 
storage on EMC’s Clariion 
disk arrays 


@ Includes a 30-day trial copy of 
RepliStor, a set of data replica- 
tion and recovery tools devel- 
oped by Legato Software 


® Sold through distributors at a 
list price of $6,100, without any 
Clariion storage 


Tony Varano, director of 


technology services at Kforce 


Inc. in Tampa, Fla., said that 
before the staffing recruit- 
ment firm finished installing a 


| centralized backup architec- 
| ture based on Veritas Software 


Corp.'s storage tools in Janu- 


| ary, only about half of its 70- 


plus branch offices regularly 


; did tape backups. 


“| have two guys who work 
on my backup team,” he said. 


| “That would be half their job, 
; calling out there to say, ‘Could 
| you please put the tape in, 

| Mary?’” Sometimes, backups 


still weren’t done even after 


; such requests, Varano added. 


EMC isn’t the only vendor 


eyeing backup products for 


branch offices. Hewlett- 


| Packard Co. this week will 
| announce plans to offer an 


extension to Microsoft Corp.’s 


| Windows Storage Server 2003 


software that lets Exchange 


| e-mail servers back up data to 


NAS devices. EMC supports 


| the Exchange feature in Net- 


Win 110. 47033 
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Correction 

Ina May 10 story on health care 
supply chains, the name of David 
Yundt, chief operating officer of 
Hospital Logistics Inc., was mis- 
spelled. Yundt also is president of 
the company. The first name of 
Sarah Friesen, general manager 
of Shared Healthcare Supply 





The right management should do more than just protect. 
lt should also enable. 
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With eTrust security management software, your information isn't just safeguarded from internal and exter! reats 
We provide authorized customers, partners, and employees with appropriate access that can help your busin 
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Gateway Cancels 
Outsourcing Deal 


Gateway Inc. plans to terminate 
an IT and business process out- 
sourcing contract that it signed 
last September with Affiliated 
Computer Services Inc. Dallas- 
based ACS said the seven-year, 
$400 million deal will be dis- 
solved within 90 days. Recent 
layoffs and store closings have 
“dramatically reduced” Poway, 
Calif.-based Gateway’s need for 
outsourcing services, ACS said. 


Utility Hands Off IT, 
Business Units 

TXU Corp., a Dallas-based utility 
and energy services company, 
said it has signed a 10-year out- 
sourcing agreement valued at 
$3.5 billion with Paris-based 
Capgemini. The two are forming a 
company that will provide IT ser- 


vices to TXU and run business op- | 


erations such as human resources 
and finance. TXU will own about 
3% of the new company. 


HP Says Revenue 
Rose 12% in Q2 


Hewlett-Packard Co. said revenue 
in its second quarter increased 
12% year over year. The quarter, 
which ended April 30, was the 
first in which HP’s revenue 


topped $20 billion. But CEO Carly | 


Fiorina said she still expects only 
a minimal increase in IT budgets 
at U.S. companies this year. 


BY THE NUMBERS | 


Short Takes 


Three months after scrapping a 
plan to bundle its Commerce 
Server with two other products, 
MICROSOFT CORP. said it plans to 
upgrade the e-commerce soft- 
ware in early 2006. . . . |BM said 
it has signed a 10-year IT out- 
sourcing deal valued at $454 mil- 
lion (U.S.) with Australian airline 
QANTAS AIRWAYS LTD. 


| Users could face | 
DoS attacks, but 
risks seen as low 


BY BOB BREWIN 
NFORMATION technology 
managers last week said a 
denial-of-service vulnera- 
bility that affects some 

Wi-Fi wireless LANs could 

| force companies to develop 

new skills and rethink the way | 

their networks are set up. But, 
they added, it should be rela- 

tively easy to defend WLANs 

against attacks seeking to 

| exploit the flaw. 

For example, an attacker 
would need to be within the 

| typical 200- to 300-ft. range 

of a WLAN to shut down data 
| transmissions, according to 

| security researchers and 

| wireless vendors. Corporate 

| WLANs that are well shielded 

within buildings or fenced-off 

| areas should be safe from at- 
tacks, they said. 
Companies that operate 

| multiple access points on their | 

| WLANs could also switch net- 

| work traffic to other access 
points if one or more were at- 
tacked, although doing so 

| would require radio frequency 

| management skills and tools. 








Defensive Measures 

The denial-of-service risks 

| were outlined on May 13 by the | 

| Australian Computer Emer- 

gency Response Team and am- | 

plified by its U.S. counterpart. 

The problem affects WLANs 

based on the 802.1lb protocol, 

as well as the original 802.1] 

| protocol and low-speed 802.llg 
wireless devices operating at 

| rates below 20Mbit/sec., the 

| two groups said. 

They added that networks 
built around 802.1a or high- 
speed 802.llg technoicgy 

| aren’t affected by the vulnera- 
| bility, which involves an ac- 

| cess-control function used 

| by WLANs that support the 

| Direct Sequence Spread Spec- 
trum (DSSS) modulation 


he added. 


FedEx Corp.'s favor, said Ken 
| Pasley, director of wireless 


| Memphis-based company. 
| ery hubs to connect wireless 
| 


| are located within the fenced 
| periphery of airports, which 


| tives at the Retail Systems 


| quency identification technol- 


| expectations for suppliers 
| working to meet a January 


| to share what it has learned 


| al 37 volunteers in January, 

| the company plans to contin- 
| ue its expansion, with all 

| domestic suppliers expected 
| to participate by the end of 


NEWS 


law in 


scheme. No technology fix is 
available, so users must take 
other steps to protect their 
networks from attacks. 

Mike Taylor, CIO at Todd 
Shipyards Corp. in Seattle, said 
he thinks geography serves as 
his best defense. Todd Ship- 
yards runs its WLAN over 40 
access points spread across its 
44-acre shipyard, Taylor said. 
That means attackers would 
have to surround the shipyard 
and then try to take out every 
one of its widely scattered 
access points to stop traffic, 


Geography also works in 


business development at the 


FedEx runs extensive 
WLANS at its package-deliv- 


bar-code scanners used in 
package sorting. But the hubs 





| BY CAROL SLIWA | 


CHICAGO 

Wal-Mart Stores Inc. execu- 
Conference last week unveiled 
an updated road map for the 
company’s rollout of radio fre- 


ogy and discussed its revised 


2005 deadline set last year. 
The Bentonville, Ark.-based 

retailer plans to meet with its 

top 100 suppliers next month 


and refine the rollout process 

for another 200 suppliers. 
After going live with its top 

100 suppliers and an addition- 








2006. It will also evaluate an 


| top suppliers to tag all of the 


| centers in the Dallas/Fort 
| Worth area by January and to 


| rate [QuickLink 3918]]. 
| changed, Wal-Mart now ex- 
| ers will be tagging 65% of the 


| product cases and pallets they | 
| send to the distribution centers 


| “And it could change,” she said. 


| provided suppliers with a set 


www.computerworld.com 


TI Managers Ready Defenses 


ireless LANs 


should make it difficult for an 
attacker to get within range, 
Pasley said. 

FedEx also uses radio fre- 
quency scanning tools in an 
effort to detect potential at- 
tacks and protect its wireless 
networks, Pasley said. 

The flaw was discovered by 
a team of graduate students at 
Queensland University of 


Wireless Threat 


An attacke 





‘Wal-Mart Revises 05 RFID 


international rollout. 
Wal-Mart has challenged its 


product cases and pallets they 
ship to its three distribution 
ensure that the tags can be 
read with a 100% accuracy 
While the goal remains un- 


pects that, on average, suppli- 


in January, according to Linda 
Dillman, executive vice presi- 
dent and CIO at Wal-Mart. 


Determining Feasibility | 
Wal-Mart spokesman Gus 
Whitcomb said the company 





of goals and then spent months 


Technology in Brisbane, Aus- 
tralia. Mark Looi, a professor 
there, suggested that one de- 
fense against attacks would be 
to replace all 802.1lb access 
points with 802.lla technology, 
which uses a different form of 
modulation than DSSS. 

But a spokeswoman for 
United Parcel Service Inc., 
which operates one of the 
largest 802.11b networks in the 
world, said the Atlanta-based 
company views a move to 
802.lla as unacceptable be- 
cause of the money it has in- 
vested in its existing WLAN 
deployment. She added that 
UPS is waiting for input from 
its WLAN vendor, Symbol 
Technologies Inc., on safe- 
guarding its network. @ 47049 


MOBILE IT MATURES = 


To read a preview of Computerworld's 
Mobile & Wireless World conference, visit 
our Web site: 


QuickLink 47054 
www.computerworld.com 


Expectations 


meeting with them and asking 
“what was actually feasible.” 


| Suppliers offered predictions 


of the percentage of pallets and 
cases they will be able to tag by 
January, and 65% represents 


| the average of the figures they 


submitted, he said. 
Dillman said Wal-Mart 
“never expected in reality” to 


| reach the 100% mark but de- 


cided to set that as a goal for 
everyone, including its inter- 
nal team. Then it directed its 
suppliers to “tell us what you 
can do,” she said. “That way 


| we know what’s really possi- 


ble. We don’t want to be the 
ones limiting what those sup- 
pliers can do.” @ 47047 


MORE ONLINE 


For related stories, visit the RFID special 
coverage page on our Web site: 


QuickLink a3690 
www.computerworld.com 





don’t be the one vite let the SAN fail 


iM N 


ee 


You like your job. And the boss likes you - 
as long as the SAN is up and running. 


Keep it that way with NetWisdom and Xgig Analyzer, the SAN monitoring and analysis 
tools that identify catastrophic events before they shut your network down. SAN failure 
occurs after an accumulation of invisible errors. Finisar’s NetWisdom and Xgig Analyzer 
proactively identify and troubleshoot network errors, reducing business losses, tech- 
nology costs, and customer service voids. 


Research shows that SAN downtime can cost organizations $100,000 per minute, 
or more.* NetWisdom and Xgig help you avoid these costs by conducting accurate 
performance tuning and capacity planning. . - 
Finisar 
When data stops moving, so do the dollars. Be part of the solution: monitor your 

SAN with Finisar network tools and stop degradation, CRC errors and events that can 
impact your most critical business data and transactions. iia ill 
delivering best-of-breed products and testing 
View our web seminar, including a customer case study and demo of NetWisdom by ae 


visiting www. finisar.com/nw www.finisar.com/nw 
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OPINION 


MARYFRAN 


JOHNSON 


Blurring Boundaries 


IRST, AN APOLOGY TO OUR READERS. 

We screwed up last week in the placement 

of an advertisement from the Harvard 

Business School Press promoting Nick 

Carr’s new book, Does IT Matter? The ad 
ended up directly opposite the lead story in our 
management section [“Follow, Don’t Lead,” Quick- 
Link 46432], which featured excerpts from that book 
and an interview with the intrepid Mr. Carr. 


That never should 
have happened. An edi- 
torial/advertising adja- 
cency like that is an em- 
barrassment and a seri- 
ous concern to the edi- 
tors of Computerworld. 

We have a checks-and- 

balances process (clearly, 

not a flawless one) that 

is supposed to ensure 

that a story about, say, 

Microsoft doesn’t end 

up sitting next to an ad 

hawking Windows products. The 
same goes for book reviews, Q&As 
and any other stories that we write. 

Does ad placement really matter 
so much? Editors think so, believing 
that such pairings signal to readers 
that the independence or objectivity 
of the editorial content is suspect. It 
raises the concern that we’ve struck 
some unholy alliance with the adver- 
tiser — even when we most definite- 
ly have not. 

It may surprise you to learn that 
even advertisers care about adjacen- 
cy. They provide our production de- 
partment with a list of competitors 
they must be separated from, includ- 
ing the number of pages they want 
between them and certain rivals. 

But I’ve been talking here about 
print publications only. The whole 
advertising adjacency issue changes 
dramatically — and much more dis- 
turbingly — in the online world. Ads 
are sold online by linking them to 
certain keywords in stories, thus en- 
abling more accurate “targeting” of 
relevant editorial content by the ad- 





vertisers. The technique is 
called contextual advertis- 
ing. That same Windows 
story that we would whisk 
away to another page in 
order to avoid a Microsoft 
ad would actually be sold 
online with the promise of 
greater adjacency to a sto- 
ry about Windows. 

This has always both- 
ered me. We follow one 
set of journalistic prac- 
tices in print but disre- 

gard them online, as though the 
change of media channel wiped 
away a quaint little tradition. But as 
the Web exploded onto the publish- 
ing scene, it was deemed a radically 
different media “experience.” The 
technology enabled new advertising 


| tactics, and editors’ concerns were 





brushed aside by marketers with 
pop-up ads to sell. 

But editors aren’t the only ones 
worrying about where and how ads 
appear. In an adjacency issue of a 
different sort, L.L. Bean last week 
sued four companies over pop-up 
ads that appeared when customers 
browsed on its Web site. “We’re try- 
ing to get advertisers to stop serving 
pop-up ads on L.L. Bean’s Web site 
which annoy and divert our cus- 
tomers,” Mary Lou Kelley, VP of 
e-commerce at L.L. Bean, told the 
Associated Press. 

I wish her well with those efforts, 
but even more intrusive invasions 
are on the way. A company called 
Vibrant Media Inc. recently launched 
its IntelliTXT product for “inline” ad- 
vertising, which embeds a green hy- 
pertext link inside editorial content 
that readers can click on to launch an 
ad. Vibrant calls it “smarter” adver- 
tising that offers readers an alterna- 
tive to pop-ups. Editors call it an 
abomination that blatantly breaches 
the editorial/advertising boundary. 

So finally, a question for our read- 
ers: What do you think of these blur- 
ring boundaries between editorial 
content and advertising messages? 
Do you care at all? Am I just tilting at 
windmills? I'd love to hear what you 


| think. @ 47014 
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The Day 
The Music 
Stores Died 


ALL it the neutron- 

bomb effect: In less 

than a decade, the 
aisles of music retailers will 


be empty. I predict that online 
music sites such as Apple’s iTunes, 
Napster and Sony’s Connect will have 
drained Virgin Megastores, HMVs and 
Tower Records of their customers. 

No, I take that back. 

The big brick-and-mortar music 
retailers won’t just be empty; they’ll be 
gone — along with their shelves, bins 
and dimwitted sales assistants who 
can’t direct you to anything other than 
the latest Britney Spears CD. 

The success of Apple’s iPod, which 
plays Internet-downloaded music, 
demonstrates how the world of tradi- 
tional retailing is col- 
liding with digital 
technology. With 
recommendation 
engines, shared play- 
lists and download- 
able samples all at a 
consumer’s finger- 
tips, why buy at a 
store? 

Even big music 
companies such as 
Warner, BMG and 
EM are getting into . 
the act, teaming with RealNetworks to 
start a service dubbed MusicNet. But 
this effort comes with restrictions on 
what you can do with the music. You 
might want to burn a CD so you can 
listen in the car, but the service’s pro- 
tected Real Audio and Windows Media 
files chain you to your desktop. 

Virtual music should let you take 
music anywhere. And as soon as you 
go virtual, the economics of shrink- 
wrapped CDs begins to look dicey. 

A consumer who pays 99 cents per 
song at iTunes (soon to be $1.25; the 
music companies are being true to 
form, biting the hand that feeds them) 
is putting about 65 cents into the pock- 
ets of the record companies. For Apple, 
the real money is in selling the iPod. 
But for the music industry, the impor- 
tant lesson has been Apple’s demon- 
stration that it doesn’t take a music 
company or a traditional retailer to 
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’ FOR THOSE WHO HAVE FANTASIZED ABOUT A COMPLETELY 
untethered. computing environment, the wireless infrastruc- 
ture is rapidly falling into place. Wi-Fi now comes in three dif- 

©. ferent flavors. 3G telecommunications is finally becoming a 
CU MU LC mm CSS Lo 

l]" \ \ iI shift to WiMax, a metro-area wireless broadband technology 
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known popularly as Wi-Fi, or 802.11b, 802.11a and 802.11g, 
have shaken things up considerably. 


HP can help you predict the business benefits of a large-scale wireless solution without large-scale risks. 


When you envision your ideal enterprise-wide wireless solution, what do you No doubt security, manageability, scalability and flexibility 
jump immediately into focus. HP can now offer you a glimpse into your wire uture by helping you develop a wireless pilot designed for 
your busin Our service professionals will hel d-to-end, secure s network ng HP open-standards technologies 
These work in conjunction with a wide range c of-bre lutions from our strategic software partners, so you are not confined by 
a limited selection of proprietary products. HP pilots offer a unique rtunity to tally the business benefits of a well-planned wireless network 
before you move to a full-scale implementation. And of course, we'll provide a wealth of choices, so you'll be assured your pilot erfect fit 


for your busin Demand confidence in wireless tec 2s. Demand proven cost effic Demand HP. 


HP recommends Microsoft® Windows® XP Professional for Mobile Computing. 


1-800-888-5864 


BE REAL ACMA TRA Rei OT MS MTA STUNT 





ADVERTISING SUPPLEMENT 


TERMS TO KNOW In February, Info- 


netics Research, an 


international market 


3G: Third Generation 
nobile communications. 3G 
is an ITU specification for the 
third generation of mobile 
communications technology. 
(Analog cellular was the first 
generation and digital PCS 
the second). 3G promises 
increased bandwidth of up 
to 384Kbps when a device 


research and consult 
ing firm based 
in San Jose, Calif., 
reported that, driven 
by strong wireless 
gateway growth, 
global WLAN hard- 
ware revenues hit 
$2.5 billion in 2003, 
up 56 percent from 


2002. In mid-2003, 


Is Stationary or moving at a 
pedestrian speed, 128Kbps 
in a car and 2Mbps in 


Gartner Inc., a re- 
search and advisory 
fixed applications. Fourth firm in Stamford, 
Generation, or 4G, wirel Conn., projected that 
systems capable of data 60 percent of midsize 
transmission rates of businesses in North 
America would de- 


ploy WLANs within 


between 20Mbps and 
100Mbps are proje 
the 2006-2010 time frame 


ted for 
their premises by the 
end of 2003. 

“Mobility, not just 
wireless access, represents the next major business and techni- 
cal discontinuity large enterprises are facing,’ says Gartner 
Vice President Phillip Redman. “While the PC and Internet rev- 
olutionized communications system types, mobility will revo 
lutionize information flow. Wireless doesn’t replace what you're 
doing on the wired side. It adds to it with 
greater mobility, greater functionality and 
by reducing time between transactions.” 

WLANs also enable new applications 
and creative uses of existing ones. One hot 
topic is location-based computing, which 
can mean everything from delivering con 
tent based on the room you walk into, to 
sophisticated asset-tracking capabilities 
by which companies can track handheld 
devices, for instance, or hospitals can 
match wheelchairs and transport person- 
nel to patients. 

Another buzz is circling around the 
prospect of delivering Voice over Internet 


Protocol telephony via Wi-Fi. That could 


RELATIVE IMPORTANCE 


mean dual-use phones that roam among 
private campus WLANs and public voice 


networks and systems that circumvent the 


DEMAND PROHIBITIVE 


‘Mobility will 
revolutionize 


information flow’ 


— GARTNER VP PHILLIP REDMAN 


public wireless voice carriers in favor of fixed wireless broad 
band over metropolitan-area networks. 
“A lot of this is still very early” Redman says. “We're in the 


stage of what | g packet digital. We're moving away 


fr, oe ee oa etaetaRecceie: tal ae ed 
from inefficien InreliaDie technology like circuit switches 
} f r . ] hant Y roe > ~ f 
The next couple of years are all about convergence of voice and 


data, wired and wireless.” The next phase — around 2010, he 


g, where we move away 


says — will be “information farmin 
from hunting and gathering and putting together difficult 


} 1 : = 
solutions and get t nere everything just works. 


THE GOAL: SEAMLESS SPERATION 


hing will “just work” together are driving 


Visions of how ever 
development of ot less technologies. 
Intel is ag promoting WiMax, the commercia 
term for IEE} eless metropolitan-area networki 
the latest iteration of fixed wireless broadband access. With a 
1-mile transmissic 


range and data rates of up to 70Mbps, 
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WIRELESS LAN GROWTH a 
STEADY AND STRONG 


Worldwide Wireless 
LAN Shipments 
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WiMax is pitched as a “last mile” alternative to cable and digi 
tal subscriber line. It is seen as a practical way to implement 
wireless in rural areas where the low population density makes 
wired broadband deployment cost prohibitive. A second flavor 
of 802.16, designated 802.11e, provides a nomadic or mobile 
alternative that may lead it to become a metro-area version 
of Wi-Fi. 

In a January presentation to a wireless industry conference, 
Sean Maloney, executive vice president and general manager 
for Intel Communications Group, described a vision of wireless 
technologies working seamlessly: “I'll take you on a fantasy 
drive from Truckee, California. And on that fantasy drive, you 
would be driving down the hill or you would be up in Truckee 
in a rural area and youd be connected on 1xRTT [single carri 
er radio transmission technology] that’s offering you 50Kbps 
or thereabouts. That is true today.... As you drive down and 
get within radius of San Francisco, you're going to pick up a 
WiMax network, which is going to give you some orders of 


magnitude more than that. And then you'll walk into your 
home [where you'll] have access to Wi-Fi initially at the 
(802.11g or 802.11a] kind of speed of 55Mbps, and then... 

following onto that in 
years, 


100Mbps 


couple ol 
802.1 1n... {at 
or 200Mbps.” 
has_ its 


Verizon own 


vision of the wireless 


($ billions) future, hinging on its 
January announcement 
that its Verizon Wireless 
will 


unit expand _ its 


BroadbandAccess net 
work, 
Evolution-Data Optimized 
(EV-DO) 3G 


nationwide. The 


based on the 
tec hnology, 
carrier 
has also embarked on an 
aggressive “fiber to the 
premises” program in 
which it aims to lay fiber- 
optic pipes by 1 million 
new homes by the end of 
this year. 

“{We] think the trans- 
formation will come when 
we marry private Wi-Fi 
with public EV-DO,’ says 
‘02. ‘03 '04* : ; 

*ESTIMATES 


‘'05* ‘06* 
SOURCE 


Eric Bruno, vice president 


IDC of product management 


IRELESS 
OWN TO 


j this interview, writer Peter Bartolik talks with Kevin 
PBourcen, program manager for International Data 
Corp’s mobile devices services, about some of the main 
issues enterprises face in deploying mobile and wireless 


technologies. 


oO Are you surprised at the way mobile and wireless 
technologies have proliferated in the enterprise? 
A What’s more of a surprise is how long it has taken 

enterprises to embrace these technologies. With such 
low-power, high-performance devices, it makes sense for 
enterprises to figure out how to leverage them. 


oO What does the enterprise market want in regard 
to converged mobile devices? 


Generally, people want something that works like a 

PDA and looks like a phone. When you think about 
where the volume is going to be, clearly it’s going to be in 
devices that look like phones because the vendors can tap 
into the general consumer market. 


CO. What are the roles for these types of devices in the 
enterprise? 


A Enterprises should be looking at mobile and wireless 


technologies as a way to mobilize the applications 


they are already running. That means middleware, servers, 
integration, [and] potentially changes in business rules and 


with Verizon's Enterprise Solutions Group. “We'll have seamless 
connectivity, such that if ’m on private Wi-Fi in an office, when 
I walk out of the building, I'll transition seamlessly into Verizon 
EV-DO. When I walk into my house, where I have Verizon DSL, 
the network device seamlessly transitions again from EV-DO.” 


WIRELESS WAKE-UP CALL 

But turning those visions into reality are still a way off. Wi-Fi is 
still bearing the stigma of security issues that saddled initial 
products and the much-maligned Wired Equivalent Privacy 
encryption standard. (See story, “Securing the wireless world, 
on page 8.) 
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GETS 
BUSINESS 


tried-and-tested processes. Often, cultural issues need to be 
addressed, which are tough and can be expensive, so that’s 
[why businesses] will start with something more widespread, 
like wireless e-mail and wireless expense tracking, which seem 


to be the two most popular applications. 


How does the non-telephony PDA evolve so that it 

stays relevant in the coming years? 

There is always going to be a market for the uncon- 

nected PDA. There are benefits — such as the PIM 
applications without a monthly wireless service charge. 
Despite all the functionality that vendors have been building 
into PDAs, like digital cameras and voice recorders, the core 
PIM apps seem to drive demand: the contact manager, calen- 
dar, tasks and note taking. PDAs, however, do need to evolve, 


so we're probably looking at the beginning of another level of 


convergence where the PDA moves closer to consumer elec 
tronics devices, which sell in the tens of millions of units 
annually. PDA vendors are exploring how they can tap into 
that type of volume. 


oO What's the best way for enterprise IT managers to 
sort through the myriad wireless options and eval- 


uate the solutions that best fit their needs? 
The best way is to focus on the type of application and 


what mobility means to the individual user. For exam- 
ple, are they mobile in the field or in a corporate campus or in 


“The main reason enterprises were doing nothing a year ago 
was concerns about security, particularly wireless LANs,’ says 
Richard Stone, wireless and mobility solutions manager for 
Hewlett-Packard Co’s Americas group. “We are seeing that 
changing now. People are embracing wireless LANs. They are 
fairly comfortable that wireless can be made as secure as the 
wired environment.” The biggest security risk for enterprises 
today, Stone says, comes from employees installing “rogue 
WLANs’ on their own without incorporating available security. 

Even if enterprises are not comfortable with wireless tech- 
nology, they’re increasingly aware that they face substantial 
liability if data residing on wireless networks or devices were 


a building? If ye 


mobile in a campus setting, you 
can make an initial investment in 
802.11 technologies and invest 
further as the technology im 
proves and evolves to WiMax and 
beyond. If your users are in the 
field, look at wide-area wireless 
technologies EDGE and EV-DO. 
The best way to navigate through 
these standards is to focus on the 
applications of the users, Sidi Ghndinns presen 

manager for international Data 
Corp.'s mobile devices services 


out how to give them wi 

access in the places they will be 
working and ignore all the rest. Investing in mobility cannot be 
about keeping up with the technology from a device perspec- 


tive or from a service perspective. 


How do IT departments meet the needs of their 
users while ensuring these devices fit within man- 
ageable systems architecture? 


A If a company is going to mobilize its applications — if 
it is going to allow mobile devices to access data 
behind the firewall — it will need to set policies regarding 
what devices and platforms will be supported. From an appli- 
cation-development standpoint, IT may want to support only 
one platform, but as long as [IT develops] with industry stan- 
dards, such as XML and Java, it doesn’t matter what platform 
the client device is based on. Industry standards allow compa- 
nies to be device- and platform-agnostic. Still, there are sup- 
port issues, so companies are likely to build a list of preferred 
devices so technical problems can be reasonably predictable. 
Many applications a company uses are Web-enabled, so using 
XML, the company can essentially create a wireless extension 


that can be accessed by any device. 


comprised. When new laws, including Sarbanes-Oxley and the 
Health Insurance Portability and Accountability Act, were 
enacted that covered financial disclosure and health privacy, 
enterprises “woke up” to the need to secure their wireless data, 
says Michael Disabato, ident of Burton Group, a 
Midvale, Utah-based enterprise IT research and advisory firm. 
“Security is not just a wireless issue,’ he says. “It’s increasingly 
a mobile issue. Whether youre using Ethernet in a hotel or 
wireless, you still have the same issues to worry about.” 

fom Goodman, vice president of business development and 
operations with wireless and mobile security software vendor 


Bluefire Security Technologies of Baltimore, concurs. “The big 
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GROUPS WITH MOBILE AND WIRELESS ACCESS 
TO E-MAIL, YEAR-END 2003 AND 2005 


Q. Which of the following groups at your company do you expect to have a majority 
of workers with mobile and wireless access to e-mail by the end of 2003 and 2005? 


Mobile 
professionals 


Mobile field/ 
on location 


Occasionally 
mobile 


Deskbound/ 
other groups 
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SECURING THE 


COMPUTER 
SU RET Vices comesimes seem tice « 


never-ending version of Whack-a-Mole, the arcade game 


where no sooner do you hammer the head of one varmint, than 


another pops up alongside. Although threats to mobile and 


wireless technology have been relatively minor compared with 


the unrelenting assault on Windows, the growing number of 


new devices on the outer perimeters of business dramatically 
increases the potential for harm. 

Cellular phones have been viewed as fairly low-level sec- 
urity threats due to the wide variety of manufacturers and 
operating systems. But the move to standardized platforms and 
protocols will invariably lead to greater temptation — and 
opportunity — for hackers. 

One serious threat to cell phones is bluesnarfing, which 
exploits a security flaw in Bluetooth. Recently disclosed by 


Adam Laurie, managing director and chief security officer of 


U.K.-based A.L. Digital Ltd., the exploit allows attackers to con- 
nect to some Bluetooth phones without users’ knowledge and 
steal the data stored on the devices. Subsequent probing deter- 
mined that some phones may be vulnerable even in “invisible” 
mode. In some public Wi-Fi hot spots, it’s possible to “snarf” 
user names and passwords by confusing users with DNS and 
HTTP redirects from a competing access point. 

Enterprises should be concerned about the value of the 
information on the devices and the potential liability if that 


(% of respondents) 
10 20 30 40 


SOURCE: IDC’s 2003 Wireless and Mobile Enterprise Survey, 604 Sites Polled 
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WIRELESS 


information were disclosed, says Michael Disabato, vice presi- 
dent of Burton Group, a Midvale, Utah-based enterprise IT 
research and advisory firm, and author of a recent report, 
“Managing and Securing the Mobile Device.” 

In the U.S., companies face potential liability for violating a 
variety of laws, including the Sarbanes-Oxley Act, the Health 
Insurance Portability and Accountability Act and the Graham- 
Leach-Bliley Act. In Europe, companies are subjected to the 
restrictions of the European Union Directive on Data Protection. 

“The growing mobile worker community has shredded the 
concept of the ‘fixed’ perimeter as defined by a centrally con- 
trolled firewall? Disabato says. “As more workers take to the 
road and bring their desks along in the form of their mobile 
devices, the perimeter moves with them. Essentially, the net- 
work perimeter is now in each mobile device.” 


LINES OF DEFENSE 


An array of security products — from services that track 
devices to “poison pill” software that erases data when a stolen 
device is connected to the Internet — is being developed for 
mobile devices. 

The first line of defense — encyrption — is available in a 
variety of products and built into common operating systems. 
In addition, intrusion detection is getting smarter and VPNs 
abound. 

The IEEE 802.11i standard, expected to be 
approved shortly, will raise the bar for security 
in Wi-Fi When 802.11b 
approved, it incorporated the Wired Equi- 
valent Privacy (WEP) encryption protocol, 
which was based on the 40-bit key encryption 
restriction that the U.S. government had set for 


networks. was 


exporting encryption technology. However, 

WEP has been widely discredited for its lack of 

authentication and a weak encryption key 
management scheme. 

In 2003, the Wi-Fi Alliance responded to the 

criticism by introducing a strong alternative, 

Wi-Fi Protected Access (WPA). WPA, a partial 

implementation of the in-progress 802.11i 

60 standard, utilizes the Temporal Key Integrity 

Protocol for better data encryption and key 
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management. WPA also includes 802. 1x and the Extensible 
Authentication Protocol (EAP), which, via a central 
authentication server (such as RADIUS) authenticates 
users on the network before they join it. WPA also employs 
mutual authentication so users don’t accidentally join a 
rogue network. More than 40 manufacturers have turned 
out over 175 products equipped with WPA security. 

The 802.11i standard incorporates even stronger secu- 
rity, including protocols based upon the Advanced 
Encryption Standard (AES). 

While much WEP-based 802.11b equipment could be 
upgraded to WPA, that may not be the case with 802.11i. 
Nonetheless, “AES is the standard now and everybody is 
going to use it,’ Disabato says. “Older [802.11.b] units are 
two to three years old so they are almost amortized.” 


Disabato also points out that 802.11e, an IEEE standard 


that provides classes of service with managed levels of 


quality of service for data, voice and video applications, 
will also not work well with older systems so there is good 
incentive to upgrade. Some vendors are already shipping 
“802.1 1i-ready” systems with AES-compatible processors, 
so that once the final specification is approved, they can be 


upgraded via a driver. 


PROACTIVE APPROACH 

After reviewing available security technologies, Hewlett- 
Packard Co. standardized on a comprehensive security 
software management platform from Addison, Texas- 
based Credant Technologies, says Richard Stone, wireless 
and mobility solutions manager for Hewlett-Packard’s 
Americas group. Combining security and device manage- 
ment, Credant’s Mobile Guardian integrates with Microsoft 
Active Directory to centralize policy management and 
administration and enforce security on smart phones, 
Pocket PCs, notebooks and tablets. 

Credant says that while only about 10 percent of enter- 
prises are taking a proactive approach to mobile and wire- 
less security, smart phones should push the remaining 90 
percent to take a serious look at the issue. That day is 
apparently not yet here. In March, Gartner Inc. reported 
that approximately 90 percent of mobile devices lacked the 
protection to ward off hackers. 


thing enterprises are stru 
is how |to corporate Vv 
employee-owned devices, he says. 
Some high-profile in 
served to hig 
ing data that resides on mobile and 
wireless dev Ices 
a former financial-se 
sold his old BlackBerry 
$15.50, the buyer discovered it 
tained company e-mails and client 
information. Last winter, a laptop 
stolen from a bank’s 
principal data-processing provider 
was found to contain the names, 
addresses and Social Security num- 
bers of about 43,000 customers. In 
addition, laptops stolen from the 
office of a bank consultant contained 
the names, addresses and Social 


Security numbers in customers per 


sonal line-of-credit accounts. 


For these and other reasons, many 
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al Frequency 


analysts and vendors 


agree that enterprises must develop policies and procedures 


ty of mobile devices and data. “We find 


zations are at th 


stage where they can 


Once the wireless genie 


° 


is out of the bottle, the 
issue becomes balancing 


the organization's need 


need for access 


for security against users’ 


begin to make an enterprise decision as to what they will need 


to secure mobile and wireless users, either short or long term,’ 


says Mary Van Zandt, director of strategic marketing with 


Credant Technologies, an Addison, Texas-based supplier of 


security and management software designed to protect mobile 





BLUETOOTH: An 

open specification for 
seamless wireless short-range 
communications of data and 
voice between both mobile 
and stationary devices 

For instance, Bluetooth 
specifies how mobile phones, 
computers and PDAs 
interconnect with each other, 
with computers, and with 
office or home phones. The 
first generation of Bluetooth 
permits data exchanges up 

to a rate of 1Mbps 
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devices and wireless access. 

E-mail is the No. | application 
on which enterprises will spend 
money in 2004 for mobile and 
wireless access, according to 
International Data Corp’s (IDC) 
2003 Wireless and Mobile 
Enterprise Survey, followed by 
customer relationship manage 
ment and sales force automation 
applications. 

About 70 percent oi the ID¢ 
survey respondents reported that 
they currently provide mobile 


enabled e-mail for some of their 


users, and almost 43 percent of 

survey respondents currently pro 
vide wireless e-mail to at least some users. (The percentages 
include e-mail accessed via the Web). That access is provided 
mainly to a small tier of employees, and analysts estimate that 
only 5 percent of the total corporate population currently has 
access to wireless e-mail. 

Once the wireless genie is out of the bottle, the issue 
becomes balancing the organization’s need for security 
against users’ need for access. 

“The trick is finding that fine line of controlled anarchy,’ 
says Steve Robb, vice president of Atlanta-based XcelleNet, a 
mobile and wireless systems and security management plat 
form provider that is now part of Sybase’s iAnywhere 
Solutions subsidiary. “I don't see IT having the ability to exert 
full control again. The best IT can hope for is to limit the range 
of devices and say if you pick within this range, you'll get solid 
support and we'll meet your service requirements. If you don't, 


youre on your own.” 


Pete Bartolik is principal of Bartolik Communications and 
a former news editor of Computerworld and editor-in- 
chief of Lotus Magazine. 
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WIRELESS 
MOBILITY, ree tne past coupe o 


years, has come down to a choice between a phone hand- 
set that did data poorly or a compact data device with awk- 
ward telephony functions. While that disparity may not 
change, the choices and usability within each category 
should vastly improve as vendors try to deliver on the 
promise of converged data and voice technologies. 

“The enterprise will most likely look for something that 
is PDA-like with a three- to four-inch screen that can 
manipulate content,’ says Kevin Burden, program man- 


ager for International Data Corp’s mobile devices services. 


“When it comes to the enterprise, it’s pretty clear that if 
mobile devices are intended to be a platform to mobilize 
back-end applications, the device has to be more data-cen 
tric, something that can display data in a meaningful way 
and allow users to interact with it. The question then 
becomes to what extent will enterprise users use these 
devices as their primary mobile phone?” 

In presentations early this year, Intel flaunted its vision 
of the future with a reference design called Carbonado 
(now officially named the Intel 2700G Multimedia 
Accelerator Reference System). Based around the com- 
pany’s newly announced PXA270 processor and 2700G 
multimedia accelerator, Carbonado features a four-inch, 
64K color, 640-by-480 resolution TFT LCD touchscreen 
that Intel says will provide PC-like, 3-D gaming and video 
streaming on handhelds. Furthermore, according to 
remarks made by Intel President and Chief Operating 
Officer Paul Otellini at the 3GSM World Congress 2004 in 
February, Intel wil! integrate that video and graphics capa 
bility into discrete silicon in 2005 and into phones and the 


application processor itself in 2006. 


MORE POWER TO YOU 

Whether in the form of a smart phone or a PDA with some 
form of connectivity, mobile and wireless devices are with- 
out doubt becoming more versatile and powerful. And with 
semiconductor manufacturers intent on integrating mul- 
tiple radio technologies into chips and chip sets, that trend 
will continue. Intel, for one, is planning to make WiMax an 
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ROAD 
AHEAD 


option on its Centrino mobile technology platform in 2006 and 
is considering making 3G an option on that platform as well. By 
2007, Intel plans to integrate WiMax into silicon. 

Based on their lackluster sales, though, the future of tablet 
PCs is still in question. In both size and functionality, tablet 
PCs fit somewhere between PDAs and smaller notebooks. 
However, since these devices have been shipping for just over a 
year, it’s too early to gauge their success or failure. Many ana 
lysts and vendors provided anecdotal evidence that tablet PCs 
are catching on in vertical industries — particularly pharma- 
ceuticals, healthcare, manufacturing and warehousing, where 


interest is strong in digital forms processing. 


GETTING PERSONAL 

Connecting the various devices in users’ hands involves wide- 
area networks, metro-area networks, local-area networks and 
personal-area networks (PANs). PANs — or wireless personal- 
area networks (WPANs) expand on the Bluetooth PAN concept 
to allow a significant number of digital devices within a range 
of 1 to 50 meters to communicate with each other in an ad-hoc 
network. 

Not everyone agrees with the manner in which this topo- 
logy is being positioned. “The word ‘network’ is misleading, 
because it implies it’s a cheap wireless LAN? says Richard 
Stone, wireless and mobility solutions manager for Hewlett- 
Packard Co’s Americas group. “To us, it’s a cable replacerment 
technology.’ Bluetooth, he notes, also got a bad rap initially 


because it was oversold by industry. 


PRESENCE OF MIND 


With a multitude of devices able to tap into personal-area, 
local-area and wide-area networks, enterprises are faced with 
the increasingly difficult challenge of keeping track of assets 
and their locations. What’s more, they must also control what 
information can be used on what devices and in what location. 
That's where location-aware, or presence-management, ser- 
vices come into play. 


One vendor whose software makes wireless networks and 


mobile applications location-aware is PanGo Networks of 


Framingham, Mass. “{We know] every movement that a device 


makes into a space that we've enabled,’ says Rick Thomas, 


PanGoss vice president of marketing. “We know when that 


device moves in and when it moves out 

While that information gives companies the ability to track 
mobile and wireless devices in an enterprise, it also creates 
opportunities for new types of applications. For example, the 
University of Georgia’s New Media Institute chose PanGo to 
enhance its outdoor WLAN throughout Athens, Ga. — mark- 
ing the first outdoor deployment of intelligent, location-based 
WLAN systems and applications. 

“The key to continued popularity of Wi-Fi and mobility 


technology like 3G is going to be based on presence manage- 


| 
ment and identity management,’ says Eric Bruno, vice presi- 


dent of product management with Verizon’s Enterprise 
Solutions Group. “Basically, you're keeping Wi-Fi users away 
from sensitive applications. Regardless of your concerns, if you 
can manage identity management in that fashion, you can do 
things like keeping patient records from ever transiting a pub- 


lic network.” 


WIRELESS FUTURES 


Wireless Infrastructure and 
Application Services Spending 


($ billions) 
$35 


30 2002-2007 
CAGR 
25 17.7% 


20 


‘0607 


SOURCE: IDC 2003 





ray oa) 


Trade in your old hardware and get cash back toward a PC that adapts to the way you work—the HP 
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recommend a tougher product—the HP Rugged Tablet PC tr3000—a durable, industrial-grade tablet PC. HP offers more than reliable hardware; 
we can also design complete mobility solutions, backed up by a worldwide network of service and support. Demand more than a PC that works 
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rearrange the business model of sell- 
ing music. 

With the record companies taking 
two-thirds of the money, margins for 
stores are going to get squeezed. They 
are already razor thin, and promotional 
deals, chargebacks for unsold invento- 
ry and co-op advertising seem ridicu- 
lous when a consumer can point, click, 
sample and buy. This lesson wasn’t 
wasted on Wal-Mart, which now 
charges 88 cents to download a song. 

OK, Wal-Mart may not be a teen- 
ager’s idea of cool, but its downloads 
are among the cheapest you can find. 
And it could be that the only thing 
that’s more appealing than a cheap 
download is a free one. One of the 
hottest albums of the year is Danger 
Mouse’s Grey Album, a remix of Jay-Z’s 
Black Album with the Beatles’ so-called 
White Album. The Grey Album exists in 
a legal limbo, since Danger Mouse was 
working without permissions, so you 
can’t buy this music in stores. But until 
EMI pressed its legal case (it owns the 
rights to the White Album), the Grey 
Album was downloaded via the Inter- 
net more than a million times. 

That’s a lot of downloads. But it’s 
nothing next to the sales that music re- 
tailers and the big labels will miss out 
on unless they get hip to technology. 


@ 46935 


MICHAEL 
GARTENBERG 


The 
Near-Perfect 
Laptop 


OMETIMES a product is 

great because it changes 

things in a radical way. 
The original Macintosh, TiVo 


digital video recorders and 
BlackBerry e-mail devices all fall into 
that category. But sometimes a product 
enters an established category and 
simply does it better than anyone else. 
Apple’s iPod is like that for music, and 
the IBM ThinkPad X40 redefines the 
laptop experience. 

This ThinkPad is one of the best 
notebooks I have ever used. What 
makes it so great? It’s all in the atten- 
tion to details. Weighing in at a little 
over 2.5 lb., the ThinkPad X40 compro- 
mises on nothing. The keyboard is full- 
size and a dream to type on. All the 
keys are where they belong. The 12-in. 
display is Extended Graphics Array 


and beautiful to read. Wi-Fi 
(both lb and lg) and Blue- 
tooth provide connectivity, 
and there’s a real VGA port, 
so no dongle is required. 
But there’s more. A high- 
capacity battery adds a little 
less than a half pound of 
weight and about three 
quarters of an inch to the 
length but gives me nearly 
seven hours of battery life. 


| Yes, seven hours. I was able 


to work during an entire 
cross-country flight, with 
battery life to spare for the 
first time. 

Then there’s Access IBM, 
a small blue button that 
sends you to a control cen- 
ter to schedule backups, re- 
store your system, config- 
ure roaming profiles and 
more. If you press it while booting, 
you're taken to a special Linux parti- 
tion that lets you restore your system 
to factory conditions (or from a back- 


up you have created) or 
gain access to files ona 
corrupted Windows parti- 
tion. My favorite feature of 
this partition: a full version 
of Opera that will let you 
plug in an Ethernet cable 
and get Web access. As an 
experiment, I crippled 
Windows so it wouldn’t 
boot and then went into 
this partition, where I was 
able to check my Web mail 
and copy a PowerPoint file 
from a backup that I had 
made to a USB hard disk. It 
all worked — flawlessly. 
(Now, I could argue that 

if Windows were better 
made, we wouldn’t need all 
the protection. But it’s not 
and we do, and this stuff 
from IBM just works.) 

The help system is also amazing. 
While configuring Bluetooth, I real- 
ized that the machine ships with the 
anemic Windows XP Bluetooth stack. 


| A quick look in the help file revealed 
| IBM’s clear instructions on how to dis- 
| able the Microsoft stuff and put on an 


alternative set of drivers. Oh, and all of 
them were included on disk. There 
were even directions on how to put the 
| Microsoft stuff back, although why you 
| would do so is beyond me. 
So, what’s not perfect here? Not 
| much. If you need an integrated opti- 
| cal drive, this might not be the ma- 
| chine for you (although there is a 
| USB-powered DVD burner available 
as well as a media slice that when 
| added still keeps the machine to under 
| 41b.). It’s not a tablet, so there’s no 
| pen-based computing, and it could 
use a FireWire port. 
| But those are minor quibbles. If 
| you're tired of lugging a heavy laptop 
| but don’t want to make compromises, 
| this is the machine to get. @ 46552 
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Examine Desktop 
Open-Source Costs 


ULIA KING’S article on Weath- 

er.com’s shift from proprietary 
software, “A Sunny Forecast for 
Open-Source” [QuickLink 46065], 
would have been better titled “A 
Sunny View on a Cloudy Future.” 

By this point, we are all aware of 
open-source’s cost benefits in the 
Web server arena. What remains 
cloudy is how well open-source can 
garner support for turnkey applica- 
tion services and desktop clients. 
To date, this remains very much a 
question that continues to be disre- 
garded by trade magazines, which 
instead offer glowing success sto- 
ries about Web services migrations 
to open-source. 

Server operating systems and 
desktop operating systems contin- 
ue to fulfill different needs - a fact 
that even Microsoft seems to be 
acknowledging of late. 

How can anyone equate savings 
in what appears to be a server- 
heavy environment to a more com- 
monly found client-heavy environ- 
ment? You can’t without more in- 
depth analysis. A one-third savings 
in IT costs is meaningless without 
an understanding of what consti- 
tutes IT costs. If Weather.com does 





not consider desktop hardware, 
software and support to be IT costs, 
then the cost savings realized are 


| likely to not be realized by other or- 


ganizations that follow the example 
presented. However, if Weather.- 
com does include the full cost of 
desktop support in its IT numbers 
and these systems outnumber 
servers in proportion to average 
businesses, then a sunny forecast 
is indeed at hand. 

Alan Mercer 


| Baltimore 


Confronting the 


| Spyware Stampede 


HILE reading your May 3 arti- 

cle on spyware by Robert L. 
Mitchell [“Spyware Sneaks Into the 
Desktop,” QuickLink 45702], | no- 
ticed a reference to PestPatrol. 
Wanting to find out more about that 
product, | did a Yahoo search. By 
the time | had finished, the anti- 
spyware program on my home 
computer had found five new spy 
programs installed! 
Ray Stann 
Huntington Beach, Calif. 


READ with great interest the arti- 
cle on spyware. (Ironically, | spent 
about 15 minutes removing 295 ad- 





ware remnants from a co-worker's 
machine this morning.) | noticed 
that the tips list missed the biggest, 
easiest and fastest fix to prevent 
getting more spyware: Don't use In- 
ternet Explorer to surf the Web. Co- 
workers have told me that Mozilla 
Firefox/Firebird solved their adware 
problem completely. 

Karl Kittler 

Webmaster, Lancaster News- 
papers Inc., Lancaster, Pa., 
kkittler@Inpnews.com 


Compliance Step 1: 
Risk Assessment 


EVELOPING a framework 

to support a proactive risk- 
assessment process is a best prac- 
tice any organization can follow 
(“Deadline Rush Delays Internai 
Improvements,” QuickLink 46115]. 
It is fundamental to achieving com- 
pliance and maintaining it. 
Vaune M. Carr 
Architect director, 
Chicago Consulting Group, 
vmcarr@hushmail.com 


Inaccurate to Call 
Netsky a Worm 


ETSKY is not a worm [“Experts 
Weigh Sasser-Netsky Worm 


Connection,” QuickLink 46656]. lf 
anything, it is a virus/worm, with the 
emphasis on virus. 

The key difference is that it prop- 
agates through e-mail. The only vul- 
nerability it exploits is the Internet 
user who is dumb enough to exe- 
cute the attachment or use Outlook 
when it isn’t necessary 

It is important to keep the label- 
ing straight to contain confusion 
No human interaction is required for 


| areal worm like SQL Slammer, 





| Blaster or Sasser. These are the real 


nasties. Expect more of them. 


| Matthew Carpenter 
| Securitynetwork consultant, 


Enterprise Information 
Systems, Grand Rapids, Mich., 
matt@eisgr.com 


COMPUTERWORLD welcomes 
comments from its readers. Letters 
will be edited for brevity and clarity. 
They should be addressed to Jamie 
Eckle, letters editor, Computerworld, 
PO Box 9171, 500 Old Connecticut 
Path, Framingham, Mass. 01701. 
Fax: (508) 879-4843. 
E-mail: letters@computerworld.com. 
Include an address and phone num- 
ber for immediate verification. 

For more letters on these and 


other topics, go to 
www.com 








CONSIDER YOUR NATIONAL RESERVATIONS NETWORK. Consider the dots connected. 


Now we can design, deliver and manage a data integration system that 
brings it all together. Converge every kind of business network - dealers, 
brokers, suppliers, customers - across platforms, across America. All on 
the strong, reliable backbone of ttle SBC network. To connect the dots 
coast to coast, talk to your SBC account representative. sbc.com/dots 
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ROBUST OBJECTS 
AND ROBUST SQL 


A RARE SIGHT I 
DBMS PRODUCT 


For your next generation of applications, move 
to the next generation of database technology. 

Caché is the post-relational database that com- 
bines high-performance SQL for faster queries and 
an advanced object database for rapidly storing 
and accessing objects. With Caché, no mapping 
is required between object and relational views of 
data. That means huge savings in both development 
and processing time. 

Applications built on Caché are massively scala- 
ble and lightning-fast. Plus, they require minimal 
or no database administration. 

More than just a database system, Caché incor- 
porates a powerful Web application development 


Loi 
im 
Lit 


environment that dramatically reduces the time to 
build and modify applications. 

The reliability of Caché is proven every day in 
“life-or-death” applications at thousands of the world’s 
largest hospitals. Caché is so reliable, it’s the leading 
database in healthcare — and it powers enterprise appli- 
cations in financial services, government and many 
other sectors. 

We are InterSystems, a specialist in data manage- 
ment technology for twenty-five years. We provide 
24x7 support to four million users in 88 countries. 
Caché is available for Windows, OpenVMS, Linux and 
major UNIX platforms — and it is deployed on systems 
ranging from two to over 10,000 simultaneous users. 


InterSystems F 


CACHE 


Make Applications Faster 


Read or request a copy of the Baroudi/Bloor white paper “The Failure of Relational Database, 
The rise of Object Technology and the Need for the Hybrid Database.” at www.InterSystems.com/cworld 
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EMERGING TECHNOLOGY | Q&A 


Trumping Tape Rules for Success 
Backup appliances that use Pegasystems CEO Alan 
massive arrays of idle disk Trefler discusses why 
technology could displace companies should focus 
tape libraries for some on business rules and 
near-line and archival data 


FUTURE WATCH 


IT vs. Fog of War 


Can software cut through the chaos called the 
fog of war? Researchers are turning to video 
games like Tom Clancy’s Rainbow Six (left) to 
develop tools to help military leaders and secu- 


functions. Page 28 
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MRM system freed managers 
of mundane tasks so they 
ree OMU Meme Cea) 
marketing campaigns. 


Marketing 


processes rather than on 
data structures. Page 30 


rity professionals manage teams during stressful 
situations. But some say it won’t work. Page 32 


Marketing relationship management 
software can boost productivity and 
campaign effectiveness, but successful 
deployments must overcome technical 
and cultural hurdles. BY DREW ROBB 


INDA HECHT FACED a 

disconcerting fact: Sales 

success was leading to a 

marketing failure. “As we 

grew and added more 

people to marketing, we 
hit a limit on productivity,” says Hecht, 
director of marketing at geographic 
information systems vendor Environ- 
mental Systems Research Institute Inc. 
(ESRI) in Redlands, Calif. “No matter 
how many more people we added to 
marketing, we couldn’t become more 
productive.” 

Hecht has a marketing staff of 180, 
but with 40 products to market to 40 
industries worldwide, she couldn't 
manage the workload. “It got to be im- 
possible for us to do any long-term 
campaigns, since we had no way of 
managing the results,” she says. 

Last year, ESRI turned to marketing 
resource management (MRM) soft- 
ware to automate routine actions and 
improve strategic planning. “Before, 


Program 


oes 


we had a system that could do e-mails, 
but not campaigns. Now we are getting 
our marketing managers to start de- 
signing and building campaigns rather 
than just mailing something out,” 
Hecht says. 

MRM tools, provided either as ex- 
tensions to CRM packages or as stand 
alone offerings, are designed to incor- 
porate every aspect of marketing, from 
initial concept through the evaluation 
of completed campaigns. While the 
number of MRM implementations is 
still relatively small, analysts expect 
strong growth in this area as compa- 
nies look to extend efficiencies gained 
in traditional CRM strongholds, such 
as sales force automation. 

“Marketing is one of the last bas- 
tions of full right-brain creativity, no 
holds barred and no accountability,” 
says Robert Blumstein, an analyst at 
market research company IDC in 
Framingham, Mass. 

“In a more budget-conscious era, 
MRM will let marketing stand up to 
scrutiny on ROI so it can gain the 
funds it needs,” he adds. But users say 
that a gradual approach is best when 
bringing these tools into play. 


A Logical Extension 

MRM follows in the footsteps of enter- 
prise tools such as ERP, CRM and sales 
force automation that automate and 
standardize business processes. Like 
those tools, MRM software uses a cen- 
tral database and establishes workflow 
procedures. The database contains the 
information on potential customers. 
MRM involves workflows for creating 
and executing marketing campaigns, 
including budgeting, designing promo- 
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tional pieces, generating mailing lists 
and tracking marketing responses. Pro- 
grams often include analytic features 
that help measure the results of cam- 
paigns and frequently hook into other 
enterprise applications. 

MRM tools work well when address- 
ing specific marketing challenges. For 
instance, ESRI was struggling to con- 
vert leads into sales. Only 2% of its 
prospects purchased products. The 
company wanted a system that would 
guide prospects along until they were 
ready to buy and weed out those who 
weren't good prospects. 

ESRI has been using software from 
Aprimo Inc. in Indianapolis to manage 
campaigns for specific products and 
industries, as well as to manage regis- 
tration and follow up on the roughly 
1,000 workshops and trade shows the 
company conducts or exhibits at annu- 
ally. It has built questionnaires into the 
system for sales prospects to answer 
online. Depending on the responses a 
prospect gives, ESRI sends him sales 
materials or forwards his information 
to the CRM system as a prequalified 
lead. By tracking a prospect’s respons- 


es through each step and taking the ap- | 
| Since its objective was to market films 


propriate action, ESRI says it raised its 
sales conversion rate to 30% over the 
past year. 

But to get to that point, ESRI had to 
clean up and consolidate the databases 
that the MRM system needed to inter- 
act with. Information on 1.7 million 
customers and prospects was originally 
spread among a dozen databases. ESRI 
consolidated it by pulling data from an 
SAP ERP system into its CRM system 
before migrating that data into Apri- 
mo’s SQL Server database. 


Brand Loyalty 


While Hecht needed to manage sales to | 


enterprise customers, Dennis Upton’s 
concern was maintaining brand loyalty 
among customers without cutting out 
retailers. Upton is CIO at Brother In- 
ternational Corp., a Bridgewater, NJ.- 
based vendor of electronics products 
for consumers and small businesses. 
Brother already used SAP AG’s mySAP 
CRM software, so Upton decided to 
use that package’s MRM features. 

Brother collects customer data from 
product-registration cards and service 
calls and records it in databases for 
e-mail follow-ups. For example, a cus- 
tomer who purchases a printer might 
receive an e-mail when a new driver is 
available. The problem lay in coordi- 
nating those notification efforts. 

“We have stringent opt-in policies 
and rules that customers don’t receive 
more than one e-mail every two 
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months,” says Upton. But with cus- 
tomer names appearing in multiple 
databases, those rules were hard to 
enforce. 

It also took longer to create market- 
ing campaigns, since the process in- 
volved querying several databases to 
assemble a list. Like Hecht, Upton 
started by cleaning up and consolidat- 
ing assorted databases into a data 
warehouse. And it took about five 
months to test and configure the soft- 
ware, including writing the code to 
pull data from other sources and 
populate the data warehouse. 

Once that was completed, however, 
the time required to create a marketing 
campaign dropped from 80 hours to 
just two. “By improving the opera- 
tional efficiency, we have been able to 
run a lot more campaigns than before,” 


says Upton. 


Hollywood Ending 

United International Pictures (UIP) in 
London, the international distribution 
arm for Universal Studios, Paramount 
and DreamWorks, didn’t bother to un- 


| dertake a database cleanup and consol- 


idation project to make way for MRM. 


in 52 territories worldwide, UIP in- 
stead decided to standardize processes 
and workflows so employees could 
spend more time on marketing and 
less on administrative tasks. 

“There is an immense flow of infor- 


There is.an 

immense flow 

of information 
from the studios and 
headquarters to the 
territories. We have 
exceptionally short 
deadlines and needed 
a way to turn around 
approvals very quickly. 


ROBIN STURM 


mation from the studios and headquar- 
ters to the territories,” says Robin 
Sturmey, UIP’s marketing systems 
manager. “We have exceptionally short 
| deadlines and needed a way to turn 

| around approvals very quickly.” 

A multiyear effort to achieve this is 

| under way, with completion expected 
next year. UIP didn’t do a database 
cleanup, but it did have to integrate its 
Aprimo MRM tool with a proprietary 
sales and distribution financial data- 
base called Midas. Aprimo pulls movie 
titles, release dates and other informa- 
tion from this database, and the staff 

| uses the software’s budgeting tools to 
plan film budgets and feed that data 

| back into Midas. The MRM software 
runs on a dedicated server at head- 
quarters that users access via a Web 





Buying Into MRM 


Vendors offer a wide variety of MRM func- 
tions in their products, but Gartner analyst 
Kimberly Collins says IT managers should 
concentrate on five areas: planning and 
budgeting, creation of assets, collection and 
management of assets, fulfillment and distri- 

Vendors often emphasize one or more of 
these but typically don’t have a lot of depth 
in all of them. 

“Companies need to look at what their 
requirements are for those five functionality 
pieces, which areas are they trying to solve, 
and then assess the vendors against those 
needs,” Collins advises. 

While some vendors focus exclusively on 
MRM, others take a different approach. Ven- 
dor offerings fall into four basic categories. 
Here's a sampling of what's available: 


BEST-OF-BREED PRODUCTS offer 
strengths in specific MRM niches or vertical 
markets. Vendors include SmartPath Inc. in 


York-based DoubleClick Inc.), Veridiem Inc. 
in Maynard, Mass., and MarketingPilot. 


MARKETING AUTOMATION TOOL 
VENDORS offer products focused on auto- 
mating repetitive steps in the marketing 
process. These include Aprimo, Double- 
Click and Unica Corp. in Waltham, Mass. 


MAJOR CRM SOFTWARE VENDORS that 
incorporate some MRM functions in their 
products include Oracle Corp. PeopleSoft 
Inc., SAP and Siebel Systems Inc. 


DIGITAL ASSET MANAGEMENT TOOL 
VENDORS offer features for managing 
marketing assets. They include Artesia 
Technologies Inc. in Rockville, Md., EMC 
Corp.'s Documentum Inc. unit in Pleasan- 
ton, Calif., and FileNet Corp. in Costa 
Mesa, Calif. 

~ Drew Robb 
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browser. UIP also runs local copies of 
Aprimo at each regional office that 
provide updates to the London server. 
Sturmey has devoted much of his 
time to visiting offices to train staffers 
during the phased rollout. The first lo- 


| cations went live in April, in time to 


market summer films in 16 key regions. 
The rest will come online in the next 
year, he says. However, Sturmey says, 
“as with most things, there is some un- 
informed resistance, and people do 
tend to get kind of frustrated with any 
new system.” 


Starting Slow 

Another challenge lies in how man- 
agers establish internal procedures and 
train employees on the use of MRM 
systems. Kimberly Collins, an analyst 
at Gartner Inc. in Stamford, Conn., 
warns against trying to run before you 
can walk. “These are complex projects 
with many internal and external par- 
ticipants, and the real key is finding 
out where to get started, focusing on 
one or more pain points and growing 
the MRM solution over time,” she says. 

MRM may meet resistance because 
it enforces a certain structure that may 
be unfamiliar to users. 

Steve Rauchenecker, director of 
membership and marketing at the 
Healthcare Financial Management 
Association in Westchester, IIl., uses 
MarketingPilot MRM from Marketing- 
Pilot LLC in Evanston, Ill. Before de- 
ploying it, however, he set up dummy 
marketing campaigns to let his staff 
gain familiarity with the tools. “For a 
period of time, we let people run wild 
with those projects as well as creating 
their own so they could see how it 
worked,” he says. “After that phase, we 
were in great shape and could start 
moving forward with actual work.” 

At ESRI, Hecht doesn’t even make 
using MRM software mandatory. In- 
stead, she makes the tool available and 
lets staffers use it of their own volition. 
“We don’t force them to have every- 
thing go through Aprimo,” she says. 
Once the initial setup is done and the 
staffers are familiar with the software, 
however, most users are quick to admit 
that it makes their jobs easier. 

Rauchenecker says the end result is 
a more efficient operation. “Before, it 
took eight different spreadsheets and 
seven different folders to assemble the 
information for a campaign,” he says. 
“Now we just need to look at Market- 
ingPilot.” © 46722 





Robb is a freelance writer based in 
Los Angeles. You can reach him at 
drewrobb@sbcglobal.net. 
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OPTERON 
LEADS 


64-bit 
Revolution 


AMD's year-old processor is transforming the 
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industry-standard server. By Patrick Thibodeau 


l’S HARD TO OVERESTIMATE the 
importance of Advanced Micro 
Devices Inc.’s Opteron x86, 64-bit 
processor. In just over a year, the 
three major enterprise hardware 
vendors have built offerings 
around it, and AMD’s biggest com- 
petitor, Intel Corp., is producing 
its own version of the chip. Opteron is 
forcing change. 

What this means for users is this: 
The 32-bit-only processor is about to 
go the way of the 16-bit chip. “By year- 
end, we will be selling very, very few 
32-bit systems,” said Paul Miller, vice 
president for industry-standard servers 
at Hewlett-Packard Co. 

As users refresh or add industry- 
standard servers, they'll seed their data 
centers with 64-bit-capable x86 proc- 
essors. The pricing differences between 
current 32-bit boxes and those running 
on 64-bit chips will be negligible in the 
near future, so the reason for buying 
32-bit chips will gradually disappear, 
say vendors and analysts. Think of 64- 
bit capability as a free upgrade, ready 
for use when the applications arrive. 

Opteron has gained a lot of attention 
because it allows users to run 32-bit 
and 64-bit x86 applications on the 
same chip, giving users the flexibility 
to gradually move to the 64-bit world. 
But the chip also includes architectural | 
changes that may speed a 32-bit appli- 
cation’s performance. 

For now, early Opteron adopters like 
Aristotle Balogh, senior vice president 
of operations and infrastructure at 
VeriSign Inc. in Mountain View, Calif. | 
tend to have memory-hungry custom- | 
built applications. VeriSign already uses | 
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Intel releases the 386, the first 32-bit 
microprocessor 


el emma irst 64-bit processor, 
debuts, It’s built on a new architecture 
Explicitly Parallel lastruction Computing 


AMD releases Opteron, the 
first 64-bit x86-compatible chip 


Intel says it will add 64- 
bit extension technology to its Xeon proces- 
sor. Release is expected this summer. 


Microsoft is expected to 
release a 64-bit version of XP. 


many RISC- and Intel-based servers to 
support, among other things, directory 
services for the .com registry. It has 
been testing two- and four-processor 
Opteron systems, putting tremendous 
processing loads on them in a “beat the 
box up until it drops” test, and the chip 
has performed well, Balogh says. 
Balogh can get 64-bit capacity from 
RISC-based Unix systems. But a four- 
processor Opteron box with 32GB 
of memory will cost about $25,000, 
whereas a Unix box may cost more 
than $100,000. “With traditional Unix | 
vendors, it is a very expensive proposi- | 
tion,” says Balogh. 
The memory gain allowed by a 64- 
bit chip is a big advantage, but it’s not 
the only one. Opteron, which can run 
32- and 64-bit applications, is gathering 
support from some 32-bit users be- 





cause of how it’s designed. 

AMD has developed what it calls 
HyperTransport technology, which di- 
rectly connects the CPU to the memo- 
ry, eliminating the need for a bus. This 
reduces latency and speeds processing 
time, which is why Automated ‘Trading 
Desk LLC, a company that provides 
trading technology and financial trad- 
ing services, started using Opteron on 
Altus servers from San Francisco- 
based Penguin Computing Inc. 

Eric Hunter, senior Linux systems 
administrator at the Mount Pleasant, 
S.C.-based company, says it runs cus- 
tom-built applications that use a lot of 
memory, and “getting rid of the bottle- 
neck” between the memory and CPU 
was the main concern. “We just saw 
tremendous increases in performance 
in our test box,” he says. 

Sixty-four-bit processing power is 
suited to programs that require large 
data sets that need to go above a 32-bit 
processor’s 4GB memory limitation. 
Many of the applications taking advan- 
tage of this today are scientific and in- 
volve design and rendering. 

For instance, the University of Utah’s 
Center for High-Performance Comput- 
ing in Salt Lake City has been recompil- 
ing its 32-bit applications to 64 bits, us- 
ing a compiler developed by PathScale 
Inc. in Sunnyvale, Calif. This speeds up 
processing time by 10% to 20%, de- 
pending on the application — a signifi- 
cant gain for applications that run over 
many hours, said Martin Cuma, who 
is in charge of scientific application 
programming at the center. 

But most important for the universi- 
ty is the increased memory address- 
ability. Sixty-four-bit computing has 
enormous memory potential, calculat- 
ed two to the 64th power — many tera- 
bytes. Instead of simulations that have 
100 atoms, for instance, researchers 
can run them with 200 atoms. “All of 
these applications are really memory- 
hungry,” says Cuma. 


Applications Needed 
For users that don’t have animmediate | 
need for those memory gains, the ar- 
rival of 64-bit applications will drive 
adoption, says Don McPherson, net- 
work operating systems and database 
administrator for a nonprofit organiza- 
tion that he asked not be identified. 
McPherson says he can see a need 
for 64-bit memory because of the de- 
mands being imposed on databases. 
“We're pushing more data, and doing 
more things with databases,” he says. 
Analysts, vendors and users aren’t 
certain how long it will take 64-bit 
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operating systems that support x86- 
based 64-bit chips are arriving. There 
are 64-bit versions of Linux already 
available, and Microsoft intends to re- 
lease a 64-bit version of Windows XP 
by the end of the year. AMD and Intel 
are expected to be binary-compatible 
with Windows 64-bit. 

“We expect the transition to 64-bit 
software will be fairly slow,” says Jon 
Sharp, director of platform marketing at 
Intel, which plans to release its own x86, 
64-bit chip this summer, the EM64T. 
“The transition to 64-bit operating sys- 
tems will happen somewhat faster,” he 
says. “What people will care about is 
being able to run the two applications, 
32-bit and 64-bit, side by side.” 

Intel views its Itanium 64-bit chip, 
which uses a different architecture 
from x86, as a challenger to the high- 
end RISC systems. The chip has “mas- 
sively parallel resources,” larger cache 
and more memory bandwidth, says 
Sharp. For instance, Itanium is well 
suited for use in large, multiprocessor 
scale-up systems, which have been 
Unix’s domain, he says. 

It’s not a question of if people will go 
to 64 bits. “It’s a question of when,” says 
Paul Terry, chief technical officer at 
Cray Canada Inc., whose parent com- 
pany, Cray Inc., is building a 10,000- 
processor Opteron system for the U.S. 
Department of Energy’s Sandia Nation- 
al Laboratories. @ 46790 
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Congratulations Winners! 


Winners in each of the following categories are: 


Business-critical Applications 
- Barnes & Noble - New York, New York 
- Cedars-Sinai Medical Center - Los Angeles, California 


Honorable Mention: Continental Airlines - Houston, Texas 


Expanding Wireless Mobility to Achieve Better ROI 
on Technology Investments 

- Fidelity Investments - Boston, Massachusetts 

- UNICCO Services Company - Newton, Massachusetts 

Honorable Mention: San Antonio Metro Health Dept. - Austin, Texas 


Business Transformation 
- CSX Transportation - Jacksonville, Florida 
- Honeywell - ACS Service - Golden Valley, Minnesota 


Honorable Mention: Union Pacific Railroad - Omaha, Nebraska 


Wireless as a Competitive Advantage for SMB and/or 


Companies in Emerging Markets 
- OrthoRehab, Inc. - Tempe, Arizona 
- Shared P.E.T. Imaging - Canton, Ohio 


Honorable Mention: Air Technologies - Columbus, Ohio 


Office of the Future 

- Allstate Insurance - Northbrook, Illinois 
- NYK Logistics - Carson, California 
Honorable Mention: MBSi - Phoenix, Arizona 
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lape 


TLOOK: Massive 


arrays of idle 


disks are giving a boost to disk-based 
backup systems, which could replace 
tape libraries for some applications. 


BY LUCAS MEARIAN 


Massive Arra ne of 
Idle Disks (MAID) 


ee aren Mt Gai hctt| 
backup and archiving appliances 
that power down idle disks to 
extend media life. Lower power 
requirements and less heat allow 
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to $5 per gigabyte, MAID still costs 
more than tape libraries. Disk media 
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N THE ONGOING STRUGGLE 
to automate and speed data 
backups and restores, storage 
administrators are increasing- 
ly turning to Advanced Tech- 
nology Attachment disk sub- 
systems. Now two vendors 
are pitching the idea of using special- 
ized ATA disk backup appliances as an 
alternative to robotic tape autoloaders 
for handling large volumes of archival 
storage. Both are using specialized 
ATA disk array technology to lower 
the cost per gigabyte of disk-based 


storage and extend the life of backup 

| disk drives, making them more attrac- 
tive for archival and near-line storage. 

The vendors, Longmont, Colo.-based 
start-up Copan Systems Inc. and Santa 
Clara, Calif.-based Exavio Inc., claim 
that this new technology, dubbed 
MAID, for massive arrays of idle disks, 
is competitive with tape and 
offers faster and more reli- 
able access to data. MAID 
systems use arrays of ATA 
disk drives that power 
down when idle in an effort 
to extend media life. By 
spinning up only when they write or 
read data, the arrays use less power, 
mitigating heat issues and allowing 
drives to be packed more densely into 
the system. Idle disk drives require 
about 10 seconds to spin up, but once 
online, they provide faster access to 
archived data than tape does. 
Although powering up disks as need- 

ed can extend useful life, disks that re- 
main inactive for long periods tend 
to develop problems spinning up. To 
avoid this, MAID arrays can periodical- 
ly power up all drives to relubricate the 
mechanics, Copan says. Drives are hot- 

| swappable, and the systems support 
RAID for fault tolerance. Prices range 
from $3 to $5 per gigabyte, depending 

| on the configuration, the amount of re- 

| dundancy and total capacity. 


EMERGING 
TECHNOLOGIES 


Steve Curry, architect for storage 
operations at Yahoo Inc. in Sunnyvale, 
Calif., is considering buying Copan’s 
Revolution 200T MAID array to cut 
the use of some 350 tape drives by 
half. By doing so, he hopes to improve 
reliability. “We see [one or two tape 
drive] failures every day. To us, it’s not 


| superunreliable, but it still has me- 
| chanical properties and does break 


down, which requires manual inter- 
vention,” Curry says. 


| Archiving to MAID 


Today Yahoo ships archival tapes to 
an underground storage facility run by 


| Boston-based Iron Mountain Inc. Cur- 


ry wants to locate a MAID array at the 


| backup facility and archive to it direct- 
| ly using a Fibre Channel or Fibre Chan- } 


nel-over-IP link. “From our calcula- 


| tions, it’s looking like it’s doable. We 
| are just waiting for someone to build 


a product that works as advertised,” 


| he says. 


Copan’s 200T, announced last 


| month, emulates a virtual tape library. 


It will scale to 224TB and restore 
2.4TB of data per hour — about five 
times faster than tape access speeds — 
while keeping only one in every four 


| drives powered up and online at any 


one time. The basic 56TB configura- 
tion, which includes 224 7,200 rpm, 
250GB Serial ATA disk drives mount- 
ed in a single rack, will ship in the 
third quarter and sell for $196,000, or 
about $3.50 per gigabyte, according 
to Aloke Guha, Copan’s chief technol- 
ogy officer. 

Exavio’s ExaVault array is primarily 
marketed as a device for 
near-line storage and 
streaming of multimedia 
content, although the com- 
pany claims that the array 
can also emulate a tape 
backup system. ExaVault, available 
now, uses 300GB, 5,400 rpm and paral- 
lel ATA disk drives arranged in a sin- 
gle rack with one controller and a 
Fibre Channel or Gigabit Ethernet 
interface. Configurations range from 
3TB to 120TB. A basic unit including 
a controller and 3.6TB of storage is 
$27,700; additional modules are $6,600 
per terabyte, says Kevin Hsu, Exavio’s 
director of marketing and product 
management. 

Despite MAID’s advantages, digital 
tape libraries remain the cheaper form 


| of storage, at about $1.25 to $4.50 per gi- 


gabyte, according to Fred Moore, presi- 


| dent of Horison Information Strategies 
| in Boulder, Colo. The low cost of tape 
| and the fact that tape cartridges can be 


easily removed and stored off-site are 





| Most disk drives in Copan’s Revolution 200T 


backup appliance spin up only when needed, 
preserving media life. The compact design fits 
14 drives per tray and supports up to 894 drives 
(224TB) in a single rack. A similar technology is 


| used in Exavio’s ExaVault product. 


the medium’s most attractive features. 
In contrast, the individual disk drives 
that make up MAID appliances are 
bulkier and more fragile. 

Hsu acknowledges that MAID sys- 
tems cost more per gigabyte than tape 
libraries but argues that they are less 
expensive to run overall. “Terabyte 
for terabyte, tape is cheaper than 
MAID. If you look at total cost of 
ownership ... you have to look at ro- 
botics, manpower, replacing the tape 
heads, maintenance costs. MAID is 
cheaper,” he says. 

Robert Amatruda, an analyst at 
IDC in Framingham, Mass., disagrees, 
saying that tape still provides a lower 
total cost of ownership overall. “You're 
looking at a lot less money. It’s still a 
compelling solution,” he says. 

Both Exavio and Copan are develop- 
ing portable versions of their systems. 
Copan, for example, is working on spe- 
cial shock-proof disk enclosures that 
could be transported off-site. Drives 
would be stored remotely in a Revolu- 
tion 200T shell chassis that would spin 
up the drives periodically to keep them 
conditioned for use. 

But Amatruda eyes such portability 
designs with skepticism. “You drop 
some of that stuff and there could be 


| data integrity issues,” he says. “At the 


end of the day, disk and tape will play 
a complementary role.” @ 46527 
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In its 21-year history, 

Pegasystems Inc. in 

Cambridge, Mass., has 

evolved from an excep- 
tion processing vendor to a major player 
in business process management (BPM) 
software, one of the liveliest corners of _ | 
the strong business-intelligence market. | 
Pegasystems founder and CEO Alan | 
Trefler says the common thread through 
the company’s development has beena | 
focus on business rules and processes 
rather than the traditional IT concen- | 
tration on data and how it’s organized. | 
Trefler discussed the need to make sys- 
tems smarter and more able to make or 
support decisions with Computer- 
world’s Tommy Peterson. 


What's the path from exception processing 
to business process management? I’ll give 
you some context. When I went to col- 
lege and studied computers in the ear- 
ly ’70s, I got involved with teaching 
computers to play chess, which at that 
time was considered a very hard thing 
to do. I became fascinated with what it 
would mean to teach a computer to 
take a complicated, human-associated 
activity like chess and be able to do it 
effectively in a way that you could not 
just rigorously program, that you need- 
ed to do by teaching the computer cer- 
tain processes. Then, when I graduat- 
ed, I went into computers and began 
working in the late ’70s for firms that 
did consulting mainly in the financial 
services industry. I was struck by how 
stupid the systems were, how they 
were just glorified recording systems. 
They really were about record keeping 
as opposed to being about the rules 
and processes of doing the business. 


You say you wanted to build smarter sys- 
tems, but didn’t the technology of the early 
"80s limit your options? The systems we 
had been building had been about 
recording information and presenting 
information; they weren't really about 
driving process and making decisions. 
So I started Pega as an expert system 
company in 1983, with the idea of being 
pragmatic about getting intelligence 
into systems by picking a couple of 
very specific problems to work on. We 





were limited by how fast computers 
were in the early and mid-’80s. We ac- 
tually ran our first customers on a 
DEC VAX 780, which was about the 
size of [a conference table] and had a 
tenth of the power of [a laptop PC to- 
day]. It takes computer cycles to be 
smart. So we decided to go after excep- 
tions, because exceptions involve 
smaller groups of people [and] typical- 
ly involved only a percentage or two of 
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the transactions, but were very com- 
plex and very high-value. So we went 
into the business of exception manage- 
ment because it represented an early 
way to do business process manage- 
ment and business rules without trying 
to boil the ocean. 


How did you move beyond exception proc- 
essing? As we came into the 90s, ma- 
chines had gotten a lot faster, and our 
knowledge had gotten better, and we 
understood it. So what Pega did in the 
early 90s was to start looking for other 
ways beyond exceptions to go after 
more mainstream processes. We began 
to do things around fulfillment. We 
started getting into cali centers, and 
we started driving beyond financial 
services into health care. In the 90s, 
we took our traditionally exception- 
focused processes and approach to be- 
ing much more of a whole business. 


Where does that leave your company in rela- 
tion to BPM in 2004? We think the de- 
sign we came up with for the fourth 
generation of applications is pretty 





Rules for 
Success 


revolutionary. It takes the notion of en- 
terprise rules and enterprise processes 
and puts it into the hands of the busi- 
ness user. So it’s not just that systems 
can be smarter, but the business users 
can have more control, and the busi- 
ness users can do what we call build 
for change. It’s an approach that uses 
very avant-garde technology around 
Java and distributed systems, with the 
underlying premise that the only way 
businesses take the next step is to af- 
ford business people greater control. 


Why has it taken so long for companies 
to focus on the business processes and busi- 
ness rules? The miracle of the ’80s and 
90s happened when companies’ 
records became data and information. 
When we electronified them, we made 
them accessible. The whole way we 
think of the problem traditionally is 
around this electronification of data, 
which is incredibly important but is 
only half a loaf. The other half has to 
do with policies, which were still ma- 
terially in people’s heads. 

In the ’80s, CPUs were scarce re- 
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sources. Now the number of CPU cy- 
cles that sit idle every day in a busi- 
ness outweigh those that are used by a 
factor of a thousand. That change, cou 
pled with an enormous increase in 
power, makes it possible to do so much 
more. In order to be smart, the system 
has to be able to help operationalize 
the business process, not to just tell 
people what happened, but to help 
people actually do the work. Tradition- 
al systems make the user conform to 
the system. They tend to be organized 
around data. There’s no help around 
trying to solve a business problem. It’s 
organized around the data structures 
on the disk. 


What's the approach to solving that prob- 
lem? The way to break this tension is to 
say we're not now trying to optimize 
every MIPS. That’s less important in a 
world where 98% of the computing 
power sits idle. We’re going to let the 
systems themselves have information 
in them organized around rules that 
can actually do stuff for you. The only 
way that’s going to work is to have 
things that are simple to use and sim- 
ple to change. The model we have in 
mind is that IT is going to create this 
infrastructure for business users to do 
certain things on — not everything, 
but certain things that they care about 
profoundly that IT doesn’t care about. 


How does that model work? The break- 
through we’ve come up with techno- 
logically is that we’ve taken the rules 
of the business, and instead of having 
the rules of the business run in code, 
we treat the rules of the business as 
data. In our systems, the IT group cre- 
ates the infrastructure, and we allow 
you to use Visio to sketch out your 
process, and then our engine asks you 
what sits behind each shape. We grab 
the answers, and we grab the Visio. We 
can run it down to the server so busi- 
ness users don’t have to care about it. 
We dynamically compile it into Java as 
necessary, and then we run it. If the 
business user changes it, then we’re 
able to reflect those changes without 
having the IT guys make changes be- 
cause the engine is actually running off 
the business-oriented definition of how 
you want to go through things, instead 
of the technically oriented definition of 
how the data is stored. This is the prob- 
lem in a nutshell that we’ve been work- 
ing on for more than 20 years. @ 45696 
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AN ELITE FORCE 


Researchers are using Tom Clancy's 


AT YOUR CONTROL 


R Pe Ree on i 


video game, seen above, to identify 


physiological resporises that can be monitored, as part of the MentorPal program. 


| 

| 
Researchers seek | 
virtual mentors for | 
soldiersandsecurity | 
professionals. | 
By Dan Verton | 


certainties of combat. It’s arguably the most difficult 
decision-making environment in the world. 
But researchers at Sandia National Laboratories’ 


| Advanced Concepts Group have been working for 


the past six months on a program that aims to boost 
the decision-making capabilities of soldiers and 
homeland security officials operating in high-stress 
environments. 

The work behind the so-called MentorPal program 


| is at such an early stage that officials are reluctant to 


talk about it in detail out of fear that too much will 
be expected of it, says Sandia spokesman Neil Singer. 


| However, the goal of the research is clear: to make 
; people part of the machine by leveraging biometrics 


and agent-based modeling software to turn human 
physiology into computer algorithms. 
“This is many years away from developing useful 


| technology,” Singer says. “We don’t know yet how to 


Blinding sandstorms, roadside 
bombs and resistance from heavily 


ee ee a 
WATCH in popuistions — the war in Iraq has 


_ once again proved the wisdom of the 
military adage that “no plan survives contact with 
the enemy.” 

This condition is known as the “fog of war,” and 
it’s familiar to all veterans. Once the bullets start to 
fly, the chaos and confusion of battle force every 
body, from the lowliest private to the highest-ranking 
general, to improvise and adapt their plans to the un- | 





| scenarios. Everything from voices and 


read the [human physiological] signals with a great 
deal of accuracy. We only know they are there.” 
Although the initial work is focused on national 
security applications, Singer says any activity where 
complex decision-making is the norm, such as air 
traffic control, could benefit from this research. 


_ Enter Tom Clancy 


The MentorPal effort began in an unusual way. Sci- 
entists observed four people as they played the PC- 
based video game Tom Clancy’s Rainbow Six 3: 
Raven Shield. Through a dozen trials, researchers 
recorded the players’ physiological re- 
sponses during different situations ex- 
perienced in the game’s antiterrorism 


facial expressions to typing, mouse 
movements, hand motions, breathing 
rates, muscle activity, heart rates, skin 
responses and blood oxygenation levels 
were recorded. 

So far, the research has been able to 
link various physiological responses to 
things like stress, fear, daydreaming 
and fatigue. Sandia scientists hope to 


A briefing on tl 


program Is 


www.computerworld.com 








MORE ONLINE 


A summary of Sandia's 
anti-terrorism activities is 
available at 
www.sandia.gov/ACG/ 
bCtet ir Ure MT 


ie MentorPal 


www.sandia.gov/ACG/ 
mentorpalmain.htm 


create a central server that can integrate all of these 
readings from lightweight sensors worn on the body. 
Then they plan to use the software to help team lead- 
ers assign tasks to those who are most alert or to 
assist people in their decision-making based on 
analysis of their fellow team members’ conditions. 

For example, consider a team of air traffic con- 
trollers that’s managing a major crisis with one or 
more airliners. As envisioned, MentorPal would as- 
sist the team leader by indicating that “Team Mem- 
ber A is growing increasingly excited” before that 
person reports what he is observing. That short peri- 
od of advance notice may increase the team’s deci- 
sion-making speed enough to avert disaster. 

“There are no conclusions yet on the utility of this 
technology,” says Singer. “But if something like this 
can be done, then people in critical situations might 
be able to perform better and make better decisions.” 

Scientists envision the Pal as a wearable IT appli- 
ance that will collect physiological data from an ar- 
ray of body sensors. It will use wireless technology 
to transmit the data to a central analysis and integra- 
tion node (the Mentor). From there, wearers of the 
Pal will receive feedback and coaching based on the 
various inputs to the system. 

According to a MentorPal briefing presented to 


| NASA on Oct. 28, 2003, by Peter Merkle, the project 


manager at Sandia, the Mentor system “cannot be 
designed” but will have to grow over time from con- 


| stant interaction with a seed team. “The system will 


learn and change itself from experience,” according 
to Merkle’s presentation (www.sandia.gov/ACG/ 
mentorpal/nasahumanperformance.pdf). 


Digital Dangers 
Some analysts and military experts acknowledge that 
while the theory behind the software is worth re- 
searching, there is a real danger that such a system 
could have the opposite effect from what the re- 
searchers are trying to accomplish. 

“This research can have merit, [but] a potential 
pitfall is that it can add to the fog of war by providing 


| contradictory or confusing information,” says Lt. Col. 
| Ross Romeo, a division chief at the U.S. Army’s Ist 
| Information Operations Command. 


John Pescatore, an analyst at Stamford, Conn.- 


| based Gartner Inc. and a former analyst at the 


National Security Agency, is even less optimistic. 
“Abstracting that human element into a neural- 
network-based piece of software or using biometric 


| inputs as important feeds is one of those areas I don’t 
think will ever happen,” he says. “I will believe we 


are within five years of that when FAA traffic con- 
trollers fly commercial airliners from their towers, 
and pilots serve the coffee on the 
planes.” 

Pescatore says if he ever sees “a sol- 
dier pointing a rifle at me, and he has 
an earpiece with a Sandia logo on it, I 
will run like hell and hide behind 
something bulletproof.” 

Sandia’s Singer acknowledges the 
potential pitfalls. However, the re- 
search is at an early enough stage that 
there is plenty of time to determine 
whether there are ways to avoid them, 
he says. @ 46627 
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area. A case of BlackBerry devices disappears 
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ty Team Practices 
Theft by Delusion 


A key modem disappears from a high-security 


in transit. These tales of apparent theft take 
an unexpected twist. By Vince Tuesday 


G6 E’VE BEEN ROBBED!” 
That a modem had 
been stolen right 
from under our 


noses seemed unlikely at first, 
but as the IT security team 
and I frantically searched for 
it, I declared that it could be 
the only possible explanation. 
The annual audit was only 
days away, and we had to 
double-check all of 
the modem phone 
numbers before the 
auditors descended 
upon us. We needed 
to document the 
numbers to keep 
them satisfied. 
Specifically, we were about 


to be audited on our perimeter | 
| with access to our area about 


network security. The audit 
team would be checking our 
firewalls, proxy servers and, 
most importantly, dial-up 
security. 

The risk of an unsecured 
modem is still high for my 
company. In the past, the risk 
came from users wanting to 
bypass corporate controls and 
get unfettered Internet access 
by dialing in from home. Now 
most employees have broad- 
band and no longer try to do 
this. On the other hand, more 
and more systems come with 
dial-up connections to allow 
vendors to manage them re- 
motely. Vendors have been 
driven by increasingly strin- 
gent service-level agreements 
for performance and a desire 
to help customers without the 
expense of sending an engi- 
neer on-site. These days, it’s 
rare for any of our large disk 
storage arrays or Unix systems 
not to have a trailing phone 
line behind the box. 

We regularly call every 
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| number on our exchange and 
| check what answers and how 


difficult it is to guess a work- 


| ing password. We hadn't done 


a scan in a while, and in the 
last few days before the audit 
kicked off, we wanted to run 
a quick test before the audi- 


| tors did. 


But we needed a modem, 
and ours wasn’t to be found. 
The IT security 
department is sup- 
posed to be a high- 
security area, but 
many other staffers 
have access. We 
wondered if one of 
them had made off 
with our modem. Rather than 
waste time asking everyone 


this, we decided to view the 
closed-circuit television 


| footage of our work area. 


So my team went down to 


| the physical security office 


and asked to view the tapes. 


| There was an enormous col- 


lection, so it took about 10 
minutes for each tape to be 
pulled from the archive and 


| loaded. We started with tapes 
| from a few weeks back. The 


The IT security 
department is 
supposed to be a 
high-security area, 
but many other 
staffers have 
access. 








| modem was clearly visible, sit- 


ting neatly on top of one staff 
member’s computer. Then we 


Although a few papers had 


| collected in front of the mo- 
| dem, it was still clearly visible. 


We continued to pull tapes, 


| steadily closing in on when 
| the crime occurred until we 
| narrowed it down to around 


3 p.m. on a Wednesday. So we 


| loaded the final tape and set- 
| tled back to catch the thief in 


the act. 
As the tape played, we saw 
team members leaving the 


| area, one at a time, to gotoa 


meeting until the entire area 

was empty. It was the perfect 

opportunity for our criminal. 
Then, at 3:17 p.m., the mo- 


| dem was suddenly gone, hav- 
| ing disappeared before our 

| eyes with no perpetrator in 

| sight. Was this an X-Files thief 


with superhuman speed? Only 


| after replaying the tape in 


slow motion did we discover 


| the truth: I watched in horror 


and embarrassment as the mo- 
dem rocked slightly in the air- 
conditioning breeze, then slid 
smoothly off the back of the 
PC and down behind the desk. 
There was no thief, only a 
messy desk and gravity at 
work. Red-faced, I frantically 
apologized to the physical se- 


| curity team before rushing to 


the desk, where, sure enough, 
I found the modem hanging in 


| the back in a mess of wires. 


| Also Among the Missing 
| The good news is that with 

| the modem found, we com- 

| pleted the scan before the au- 


ditors arrived. It feels a bit 
cheeky to do work in the last 


| few weeks before they arrive, 


as if we have something to 


| hide. But the test results were 


good. Only a few modems an- 
swered outside calls, and all 
had the proper two-factor au- 
thentication to keep the con- 


| nections safe. I found out the 


next week that our work had 
been enough to keep the audi- 
tors happy. 

Other hardware also went 
astray this week. We sent a 


| shipment of handheld com- 
| puters to Australia from our 
Hong Kong office. Deliveries 


| part of the world, but after two | 
weeks, I was becoming rather 


aren’t always as fast in that 


| unhappy with the courier 


company. We finally tracked 
the problem down to a cus- 


| toms team, and I stayed up 
| late to give them a call. 


The agent explained that 


| the package was delayed for 
| quarantine. This confused me 


a little, and I upped the pres- 
sure on him to release the 
items, explaining that we ur- 


| gently needed them and that 

| time was a factor. He wouldn't 
| budge, calmly explaining that 
| he was keeping them in the 


freezer. This threw me off. I 
paused before politely asking 


| why on earth he would be 
| keeping them in the freezer. 
| Then he explained that all soft 





fruit, including my “blackber- 
ries,” had to be held in cold 


| storage until all quarantine 


forms were completed. Had I 


| provided the required grower 
| information on the initial im- 
| port documentation, he chas- 


tised, there wouldn’t have 
been a delay. 

It took us a few more ex- 
changes before he understood 
that my BlackBerry devices 


| were electronic and not fruit. 


With this mix-up resolved, our 


| handhelds were soon defrost- 


ed and on their way to Aus- 


| tralia. I’m still waiting to see 


what effect this unexpected 
cold snap has had on our 
hardware. B 


WHAT DO YOU THINK? = 


| 
| This week's journal is written by a real 


security manager, “Vince Tuesday,” whose 


| name and employer have been disguised 


for obvious reasons. Contact him at vince 
tuesday@hushmail.com, or join the dis- 
cussion in our forum: QuickLink a1590 


To find a complete archive of our 
Security Manager's Journals, go online to 
© computerworld.com/secjournal 
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Security Bookshelf 


8 Hardening Windows, by 
Jonathan Hassell; 
Apress, 2004. 


Hardening a Win- 

dows system in- 

volves taking the 
out-of-the-box 

default state and 

adding patches, re- 

moving unneeded services 
and configuring the required 
services to be robust and se- 
cure. But the complicated and 
fast-moving nature of the Win- 
dows world has made this a 
difficult task to get right. 

This book doesn’t delve 
deep into the theory behind 
systems security or into the 
guts of Windows. It simply ex- 
plains what to do to keep Win- 
dows systems safe and secure. 

The process is presented 
in a clear and useful manner. 
The coverage of the network- 
access quarantine control 
that allows administrators to 
stop unpatched or out-of-date 
virus-protected machines from 
dialing in until they are proper- 
ly hardened is superb. And 
checklists throughout turn this 
text into a hands-on guide. 

The book should appeal to 
any network administrator 
with Windows machines to 
protect. 

- Vince Tuesday 


OmniTrust Adds 
Plug-in Protectors 


OmniTrust Security Systems 
Inc., a Mountain View, Calif.- 


to help companies protect 
confidential information. The 


tial data from printing, copying 
or performing screen cap- 
tures. Administrators tag the 
directories of specific Web 
pages that require protection. 
Aclient-side internet Explorer 
plug-in ensures that users 
can’t manipulate protected 
data while allowing input 
where needed. Product pric- 
ing starts at $80 per seat. 
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Networks that Know 


These days, no network is free of threats. That’s why you have to assign network security privileges to everyone. Employees, customers, 
and partners. You need to set an acceptable use policy that dictates what each of them can and can’t access. Until now, you had to do 


this manually. 
Not anymore. Now you can do what Baylor University did. Implement an Eatexanys Secure Networks” solution with a ee. per 


ork with central, intuitive management. Find out more at networksthatknow.com/Baylor. 
ners we've worked with for years. 
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1. Sees stock devaluation immediately. 

2. Updates clients’ apps automatically. 

3. Accesses updated trading app instantly. 
4. Reviews pundit predictions easily. 

5. Buys stock in a snap. 
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Sonic Upgrades ESB 


Sonic Software Corp. in Bedford, 
Mass., announced Sonic ESB 5.5, 
the latest version of its enterprise 
service bus. Sonic ESB 5.5 incor- 
porates the Sonic Continuous 
Availability Architecture, which 
guarantees that transactions are 
not lost or rolled back and reduces 
the time required for the ESB’s 
communications infrastructure to 
resume operations after a failure, 
according to Sonic. Key capabili- 
ties include hot fail-over to ensure 
the integrity of in-process trans- 
actions, and an “out-of-the-box” 
software-based configuration, 
eliminating the need to configure 
and deploy specialized hardware, 
the company said. Sonic ESB 5.5 
will be available by the end of the 
onth. Pricing starts at $10,000 
per communications server CPU. 


Smarts Launches 
Business Insight 


System Management Arts Inc. in 
White Plains, N.Y., announced 
Business Insight, which uses au- 
tomated analysis software to pro- 
vide a real-time view of the health 
and availability of networks, ap- 
plications and systems, according 
to the company. Business Insight 
includes the InCharge suite of 
software products, which com- 
prises a new version of InCharge 
6.2 with new releases of In- 
Charge Business Impact Manag- 
er, InCharge Service Assurance 
Manager and InCharge Server 
Performance Manager. Pricing 
starts at about $100,000. 


Sony Announces 
Blue-Laser Drives 


Sony Corp. last week announced 
blue-laser disc drives based on its 
Professional Disc for Data format 
that are aimed at e-mail archiving 
and network storage. Sony Pro- 
Data drives have 23GB storage 
capacity on a single-sided disc, 
and they can clock 11MB/sec. 
read and 9MB/sec. write speeds, 
according to the company. The 
drives retail for $2,995 for the in- 
ternal SCSI model and $3,299 
for external SCSI models. 
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TOMMY PETERSON 


UCH HAS BEEN SAID and written 
about the need for software that aligns 
with and supports the processes and 
policies of the business using it. The 
goal is to make IT systems, and the 


companies that run them, 
more responsive to ever- 
changing market threats 
and opportunities. 

It’s an appealing vision, 
in a Darwinian sort of way: 
a lean, agile organization, 
bristling with streamlined 
technology that delivers a 
competitive advantage 
while mocking the arcane 
clunkiness of old-fashioned 
enterprise systems. 

At the end of this line of 
thinking is IT, which does the dirty in- 
formation work. It serves up the data 
and analysis needed in real time — 
and then gets out of the way, leaving 
the informationally empowered user 
free to think strategic thoughts. The 
better these big corporate IT systems 
do their jobs, the more they recede 
from the attention of end users. They 
certainly alter the ways those users 
think and behave, if in largely unno- 
ticed ways. 

But some increasingly popular tech- 
nologies are designed specifically to 
structure and alter users’ thinking and 
behavior. These tools and systems are 
loosely categorized as collaboration, 
knowledge management, project plan- 
ning and brainstorming software. 
Their use suggests a more humbling 
perspective on human/computer 
interaction. 

The basic premise is that software 
can make us better by imposing order 


(policies and protocols) on the way we 


interact with it and with our col- 
leagues, customers and partners. The 
software speaks to that perceived need 
to get organized that pervades every 
workplace — and maybe every life. 
There’s more than a hint of the di- 
dactic about these tools — it’s not sur- 





prising that many of the 
companies that offer such 
software have roots in the 
e-learning and training in- 
dustries. 

When the tools work 
well, they can quickly 
move to a central role in 
an organization. Eurocon- 
trol, the 33-nation alliance 
that controls air traffic 
throughout Europe, is in 
the process of an expand- 
ing implementation of 

Centra Web conferencing and e-learn- 
ing software. John Byrom, head of 

the organization’s flow management 
division, recently made use of the 
e-conferencing software mandatory 
for meetings among Eurocontrol 
members. 

“We're taking a hard line on this: 

If they want to meet with us, they 
have to use the tool,” says Byrom. “We 
tell them that we’re trying to be more 
cost-effective — and we are — but 

the other factor is that the software 
makes our meetings more efficient 
and productive.” 

Byrom acknowledges that a trip 
from, say, Brussels to Athens for an 
hour-long meeting, as was Eurocon- 
trol’s past practice, has its appeal. But 
besides the time and money expended, 
such jaunts probably aren’t the most 
effective way to get things done. 

“Now people stay in the office and 
concentrate on finding a result for the 
meeting. There’s always a real agenda, 
and there’s nothing else to do but 
work, and you find a fairly quick solu- 
tion,” says Byrom. “That doesn’t mean 
that you’re not open to ideas, but it 
gets you back to a culture of results.” 

There’s also software to guide you in 
those early phases of a project, when 
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Re-engineering the User 


you have no idea what those results 
should be. Many of these tools are de- 
signed to facilitate “visual thinking” — 
turning brainstorming sessions into 
project maps and diagrams. A tool like 
Microsoft Visio might help you turn 
your ideas into graphical presenta- 
tions, while software from vendors like 
Mindjet or Inspiration Software pro- 
duce pictures to clarify ideas. 

The delivery systems group at 
Genencor International, a biotech 
company in Palo Alto, Calif., looked 
around a couple years ago for a knowl- 
edge management tool and picked 
Mindjet’s MindManager. The scientists 
in the group liked the Mind Maps — 
detailed but easily changed diagrams 
of ideas and how they’re connected — 
that emerged from brainstorming ses- 
sions using the software, according to 
group leader Todd Becker. 

“Tt was a way to capture ideas, put 
everything together and have it ina 
common repository,” he says. The soft- 
ware has spread out through Genencor 
for uses ranging from preparation of 
papers and presentations to project 
management. Becker says his only 
reservation is that MindManager tends 
to organize most ideas into hierarchies, 
and sometimes that’s not appropriate. 

That's the rub for all these systems: 
Having a structure allows you to build 
ideas and get results, but it also impos- 
es limits. 

But some advocates take an expan- 
sive view of the potential of the collab- 
orative software their organizations 
use. Byrom, for example, ultimately 
wants to build a change management 
system around the Centra system that 
covers situations ranging from train- 
ing to crisis control. 

“We're only using a little piece of 
the software’s potential, and we need 
to use that little piece better,” Byrom 
says. “We have to get smarter, and the 
technology will get smarter, and things 
continue to improve.” @ 46981 
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OPINION 
Alignment Is a Team Effort 


They’re not IT projects; they’re busi- 
ness projects, says Ace Hardware CIO 
Paul Ingevaldson. He says IT align- 
ment comes when the entire business 
shares responsibility. Page 48 


Spreadsheet Overload? 

The ubiquitous spreadsheet — which 
often has hidden errors — may not be 
good enough for heavy-duty financial 
planning and reporting in the Sarbanes- 
Oxley era. But it’s likely to survive as a 
user-friendly presentation tool. Page 46 


Career Watch 

Animas Corp. CIO Bogdan Butoi 
(left) explains how he bolstered his 
IT staff with student workers. Plus, 
management tips for handling poor 
performers and a look at the highest- 
paying IT certifications. Page 44 


Tunin 


In an era of busi- 
ness-focused IT, 
tweaking your tech- 
nology career paths 
can attract and 
retain key talent. 


F YOU’VE HEARD IT ONCE, you've 
heard it dozens of times in the 
past three cash-strapped, re- 
source-constrained, hyper-cost- 
conscious years: The one and 
only purpose of IT is to support 
and enable the business. That 

means everybody in IT, from net- 

work administrators to data ar- 

chitects and project managers, 

must know the business better 

than ever before. 

“You have to 

understand 

the business. 

It’s more 

important 


3 33 


than understanding technology if IT 
is going to be proactive,” says Dennis 
Fishback, CIO at San Jose-based ener- 
gy producer Calpine Corp. 

True enough. Yet experts warn that 
there’s also a danger of IT organizations 
increasing their business focus at the 
expense of maintaining leading-edge 
technology expertise. That’s why the 
very best IT employers are simultane- 
ously upgrading and enhancing purely 
technical IT positions — and their ac- 
companying salaries and benefits — as 
part of a dual-track career-path system. 

“The best companies, and especially 

those with an R&D mind-set, are 

searching to support the individual 
technical contributor and the value 
they bring,” says Linda Pitteuger, an 
analyst at People? Inc. a Gartner Inc. 
company in Bridgewater, NJ. “To 
stymie them is ridiculous. It’s 

Flintstone HR.” 

It’s also increasingly risky 
as the economy improves 
and hiring picks up, es- 
pecially at companies 

with pent-up demand for 
top technical talent. In a 
2004 PricewaterhouseCoop- 
ers survey of 177 chief fi- 
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Continued from page 39 

nancial officers at U.S. companies, 63% 
of those in technology companies said 

they plan to increase their workforces 

by an average of 3.5% this year. 

At the same time, many IT workers 
are restless and looking for a job 
change. In a survey conducted in late 
2002 by Fort Lauderdale, Fla.-based 
Spherion Corp. and Rochester, N-Y.- 
based Harris Interactive Inc., 51% of 
3,278 U.S. workers interviewed said 
they wanted to leave their current jobs. 
IT workers were especially dissatis- 
fied, with 40% reporting poor or fair 
job satisfaction, compared with 28% 
of the total sample. 


Here’s a look at how several leading- | 


edge IT employers across a variety of 
industries are fine-tuning their IT ca- 
reer paths to attract and retain some of 
the best and brightest technology- and 
business-focused IT talent 


Side-by-Side Career Ladders 


Cardinal Health Inc. has spent the past 
two years overhauling its IT career- 


path system. Before that, says IT Direc- | 


tor Dave Hammond, the human re- 
sources department and upper man- 
agement considered it “an absolute 
anathema” to award incentive pay to 
any workers other than managers. 

This approach shortchanged the 
many employees who have deep 
knowledge of particular computing 
platforms or software tools and can 
solve problems but have no desire to 
manage other people, he says. 

“You'd never put these guys in front 
of customers on a sales call, but you 
also couldn’t do without them,” Ham- 
mond explains. Today, he adds, “every- 
body understands that.” 

Under the old system, those technol- 
ogy employees were penalized. But 
that all changed, Hammond says, when 
CIO Jody Davids won approval for the 
current system of parallel career tracks 
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| — and pay — for IT workers and IT 
| managers. “The way we have struc- 


| tured the job paths now is that they are | 
parallel, but there also are nexus points | 


along the paths, so there’s always a way 
to get back,” Hammond explains. “An 
IT architect might go back to school 
and get an MBA and want to get ona 


| project management or manager track, | 


| and we allow that. We allow free 
| changing, as long as people have the 
skill set.” 
Cardinal’s one stipulation is that 

| workers who receive extensive, com- 
pany-paid training for a specific 
position must commit to remain 
in that position for a minimum 
of two years. 


| Global Experience 


Top-notch experts in a particular tech- 
nology, such as Oracle databases, can 

| be difficult to attract to a Fortune 500 
company outside of the high-tech in- 
dustry “because these experts like to 
associate with their peers,” says Barry 
Libenson, CIO at Ingersoll-Rand Co. in 
Woodcliff Lake, NJ. “You have to be 
able to provide them a career path in 
which they can rise in the ranks of the 
technical staff.” 

The $8 billion industrial manufac- 
turer does that by awarding increasing- 
ly larger and more complex technology 
projects to top talent and sending 
those employees on assignments 
around the world. 

“Right now, one of my best guys is 
responsible for a $1 billion project in 
Dublin, Ireland, where all of our Euro- 
pean orders flow through. He is the ar- 
chitect,” explains Libenson. “The real 


The Acid Test 


To help determine how much value an 
employer places on IT and technology 
jobs in particular, People analyst 
Linda Pittenger suggests getting an- 
swers to the following questions: 


® Has the IT organization's funding 
increased or decreased over the past 
two to three years? 


®& How many IT jobs have been cut in 
the past two to three years? 


@ What kind of ongoing technical 
training does the company offer? 


® How long has current IT manage- 
ment been in place? (Newer leader- 
ship tends to be most interested in 
emerging technologies.) 
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The Transnational Technologist 


Operations manager Adam Nichols 
returned home to Pennsylvania in 
April after spending three months in 
Pune, India, where he oversaw the 
setup of Synygy’s 53-person off- 
shore software development and 
customer services center. 

“There was a call for two people 
to get the office started, and | 
jumped on the opportunity,” says 
Nichols, who has worked in both 
pure technology and business roles 
in his four years at Synygy. 

Nichols says one of his biggest 
challenges in India was working 
with the communications infra- 
structure. To minimize problems 


tough question is, What do I do with 
him when he comes back to us? He'll 
probably take over a large-scale sector 
implementation.” 

Chetan Shah, executive vice presi- 
dent of technology at Synygy Inc., a 
software and services company in Con- 
shohocken, Pa., dispatches his top tech- 
nical employees to India and other off- 
shore sites for two to three months at a 
time to set up software development 
centers. “We offer this as an opportuni- 
ty for people who want to get experi- 
ence in other cultures and 

65 
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work with technologies that 
are different,” he says. “A 
Tl here, for example, is dif- 
ferent than a T] in India.” 


Integration Experts 
IT career paths changed at 
Rich Products Corp. when 
the Buffalo, N-Y.-based 


frozen foods maker migrat- PU meeps 


| ed to SAP AG’s ERP soft- 


ware to run its entire busi- 

ness. IT employees with 
subject-matter expertise in a particular 
business function, such as logistics, 
sales or procurement, moved into so- 
called competency centers where they 
serve as knowledgeable liaisons be- 
tween nontechnical users and the IT 
group. 

“These people are functional experts 
who started their careers on the busi- 
ness side and then became involved in 
IT and process-change initiatives,” ex- 
plains CIO Paul Klein. Technology- 
oriented IT workers, on the other 
hand, are now focused on systems inte- 
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with transmission quality, he devel- 
oped new procedures and deployed 
some additional technology to ex- 
change documents between offices 
in the U.S. and India. Nichols also 
worked on a replication project to 
duplicate the company’s internal 
servers at the two locations. 

“| saw it as a huge benefit, both 
Nichols says. “Anytime you have 
the opportunity to take on a new 
challenge and a new culture and 
lead something from the ground up, 
it's an opportunity. | gained experi- 
ence. | gained world experience.” 

- Julia King 


gration, which requires a deep knowl- 
edge of operating systems and network 
architecture, he says. 

“Our whole [technical] focus now is 
managing architecture and integration 
and continuing to assemble a collec- 
tion of packages,” Klein says. “We don’t 
design screens anymore, so we don’t 
need things like strong relational data- 
base management skills. And when we 
do need that expertise, we go outside 
and bring in contractors.” 

Salary and compensation for both 
technology employees and 
those in the competency 
centers relates directly to 
their level of leadership re- 
sponsibilities, Klein says. 
“If you’re an individual 
performer, no matter how 
good you are, you're going 
to max out,” he adds. “But 
as long as you have leader- 
ship responsibilities, you 
can get beyond that indi- 
vidual-performer cap.” 

For example, Rich Prod- 
ucts is upgrading its 1,500 PCs across 
20 manufacturing sites. “It’s strictly a 
technology project, not a business pro- 
ject,” Klein notes. “But the project 
leader is someone with a lot of tech- 
nology project management experi- 
ence, and that person is making as 
much money as project leaders who 
are leading business projects.” 

It’s not whether a project is about 
business or technology that deter- 
mines the manager’s compensation, he 
says. “It’s a matter of how much leader- 
ship you want to take on.” @ 46513 





HP Integrity servers are taking ie a 
the companies using atu 


Companies adopting HP Integrity servers, powered by industry-leading 
Intel’ Itanium’ 2 processors, are seeing remarkable gains in performance. See who's choosing 


The momentum is building. One after another, companies are choosing HP Integrity servers HP Integrity servers 


Leading software and technology partners such as BEA, Microsoft; Oracle, SAP and Siebel and choosing results 
Systems have embraced the platform as an industry standard. And with the ability to manage 
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science students who have spent six 
months working at Animas as co-op 
employees as part of their university pro- 
CUM Ee one RC ROEM Cat 
some of the best students to full-time em- 
ployees who remain at the company today. 


How did you go about converting co-op 
students to full-timers? We made an offer 
of a full-time job if they would agree to go to 
school at night. We paid their tuition plus paid 
them a salary like any other IT employee. 


How much do they earn? It's based on 


Don't Oil the 
Squeaky Wheel 


FORGET LAVISHING YOUR ATTENTION on 
troublemakers and poor performers. If 
you're an IT manager who wants your team 
members to be productive, positive and en- 
ergetic, you must spend the majority of your 
time with the workers who behave that way. 


' school guidelines. We've started them between 


: $12 and $14 an hour. You can go extra if the 


| Student is perfect. You have to judge them 
when you interview them. Companies interview 

! about 20 students, then both the students and 
employers put their preferences into a match- 

:_ ing system. This matches students’ interests 

with companies’ needs. 


Do you require the student workers to sign 
: acontract or any other kind of agreement 

about how long they’ll remain with your 

company? in the beginning, no, we didn't initi- 

ate a contract. But now, as the company is going 

public, we offer stock options [as a means of re- 
| taining] workers. 


Are there any special challenges to man- 

| aging and/or motivating student workers? 

| You have to understand that some projects will 
not get done as soon as possible if you want 

: [student workers] to learn. It's better to give 

1 them a project they have to figure out how to 

| do. That gives you a better idea of their poten- 

' tial. Don't just give them procedures to execute. 

: When we were looking for a document man- 

: agement solution, we gave co-op students the 

| task of looking for open-source, Web-based 

‘ solutions that we could use internally. We had 
them get a demo of the software, make it work 

:_ and then show it to us. - Julia King 


So says Wolf Rinke, a human resources 
expert based in Clarksville, Md., and author 
of Don’t Oil the Squeaky Wheel: And 19 Oth- 
er Contrarian Ways to Improve Your Leader- 
ship Effectiveness (McGraw-Hill, 2004). 

If a worker's weaknesses consistently 
outweigh his strengths, even after appropri- 
ate coaching and training, Rinke recom- 
mends reassigning the employee to an area 
that could potentially build on his strengths. 
If that doesn't work, or there is no other 


Highest-Paying IT Certifications, Q1 2004 


= Project Management Professional 


= Cisco Certified Internetwork Expert 


= Citrix Certified Enterprise Administrator 


= Global Information Assurance Certification Security Expert eat 


Base: 42,000 public- and private-sector IT workers m SOURCE: FOOTE PARTNERS LLC, NEW CANAAN, CONN., APRIL 2004 


Nice Work If You Can Get It 


Percentage of companies that have 500 or more open positions 
that require some level of government security clearance 


of companies that have seen “significant increas- 


oy 


Percentage 
es” in the contractual requirements for government-cleared 


workers over the past five years 


Base: 51 TAA member companies m source: INFORMATION TECHNOLOGY ASSOCIATION OF AMERICA, ARLINGTON, VA, APRIL 2004 


Numbers Crunch: IT Hiring Scorecard 
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SOURCES: WALL STREET JOURNAL, BUREAU OF LABOR STATISTICS, DELOITTE & TOUCHE LLP 


place to send him, it’s time to take drastic 
action and fire him, Rinke says. 

Dorai Thodia, chief technology officer at 
iMorph Inc. in Palo Alto, Calif., recommends 
hiring new IT employees with the under- 
standing that they will be re-evaluated after 
six months. “The reason is simple. Lots of 
people claim they have three or four years of 
experience, but what they really have is one 
year of experience repeated three or four 
times,” Thodia says. 


At some companies where he has worked, 
“we used to have people hang on for a year, 
but we found it put more pressure on better- 
performing employees,” Thodla says. For ex- 
ample, if a software tester does a shoddy job, 
it drives up costs and shifts an additional 
work burden to customer service personnel. 
“It also can drive down morale,” he adds, 
“because people see a guy who isn’t perform- 
ing but is getting the same pay.” @ 46770 

- Julia King 
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QUALIFIED PROFESSIONALS 


MODERATOR 
James E. Gaskin 


YOU'LL SEE TECHNOLOGY 
IN ACTION: 


hardware VPNs vs. software VPNs 


firewalls for remote sites the latest in 
authentication 


SOHO tools applicable for remote offices 
remote backup and restore tools 

remote office disaster recovery solutions 
remote voice over IP 

workgroup collaboration and team projects 
the best of remote support options 


WHO WILL BE THERE? 


> Expert Event Leaders 
>» James E. Gaskin, Author, Columnist, Adviser 


> Toni Kistner, Managing Editor for 
Network World 


and professionals who must implement, 
integrate and manage remote office networks: 


» ClOs/CSOs/CTOs 

> VPs/Directors of Networking 
>» Network Managers 

> Business Line Managers 

> Small Business Owners 


This event is limited to Network and IT professionals involved in 
the evaluation, purchase and implementation of remote office 
networks. Network World Events reserves the right to determine 
total audience and profile of complimentary 

attendees. Paid registration is also available. 
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Ask IT managers and they say: 
“Branch offices, telecommuters and mobile 
workers create security nightmares.” 


How can network managers meet the business 
demand and avoid the downside? Balance 
“Never-ending expenses.” 
“User-management headaches.” 


costs with benefits? Protect data and profits 
too? Attend Remote Office Networking: 


Corporate, however, tells a different story: Central to Success, a breakthrough Network 


“Remote office networks are our fastest-growing need.” 
“A crucial competitive edge.” 
“The future of the enterprise.” 


World Technology Tour Event. It's where you'll 
see solutions that integrate far-flung networks 


with your core network architecture. 


Advance Reservation by Qualified Professionals is Required for Complimentary Attendance 


Register now at www.nwfusion.com/ROS4ACW 
or call 1-800-643-4668 
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\ Cisco SysTEMS 
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GOLD EXHIBITING SPONSOR: 


WAN 


eee £GoRemote 


To join sponsors of this premier Network World Event, please contact Andrea D'Amato at 1-508-490-6520 or adamato@nww.com for free, no-obligation information 
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OVvérload?- 


| By Alan S. Horowitz 
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N THE BEGINNING, there was VisiCalc, the first 

killer app for the PC. Lotus 1-2-3 subsequently 

took over, before yielding the throne to Micro- 

soft Corp.’s Excel. Today, spreadsheets are so 

easy to use and ubiquitous that they’ve sprout- 
ed like weeds throughout most companies. And they 
often hold important financial data. 

But what if Mary’s sales spreadsheet differs from 
Tom’s and has faulty data or a modeling error? What 
if Tom hoards his spreadsheet data — it’s a form of 
power, after all — and won't let go? How do you get 
the data from dozens of far-flung spreadsheets into a 
companywide planning or budgeting system that 
meets the latest accounting standards? 

Various studies report that 47% to 64% of compa- 
nies use stand-alone spreadsheets for planning and 
budgeting, for example. But critics say spreadsheets 
— invented as a personal productivity tool — aren’t 
well suited to collaboration, data quality or regulato- 
ry compliance. “Excel is a tool of information maver- 
icks,” says Eleanor Taylor, manager of business intel- 
ligence strategy at software vendor SAS Institute Inc. 
in Cary, N.C. 

“Besides being extremely unwieldy for processes 
involving large volumes of data and multiple users, 
spreadsheets often contain substantial, material er- 
rors, according to academic research,” wrote Paul 
Hamerman, a Forrester Research Inc. analyst, in a 
report last year (see sidebar, next page). 

Companies are just starting to look at the prob- 
lems caused by spreadsheet proliferation, says Gart- 
ner Inc. analyst Michael Silver. “Some enterprises are 
addressing it, but most aren’t,” he says. 


| 
| 
| 
| 
| 
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| 





No one is suggesting that the spreadsheet is going 
away anytime soon or that it’s a top-of-mind IT issue. 
“The subject is certainly of interest and has potential 
for improvement, but in the scheme of things, it’s not 
high on the list of priorities,” says Joe Iannello, CIO 
at watchmaker Movado Group Inc. in Paramus, NJ. 


What’s the Problem? 


Questioning the desirability of spreadsheets, after 
their widespread acceptance over the past two 
decades, is almost like questioning mom and apple 
pie. But for a modern corporation looking for consol- 
idated planning and financial reporting, spreadsheets 
pose challenges not dreamed of when they first be- 
gan popping up on PCs across the land. 

Here are three of the more significant spreadsheet 
issues that companies have to address: 


DECENTRALIZATION. Mentor Graphics Corp. in 


| Wilsonville, Ore., had a central 25MB Excel spread- 


sheet and 1,200 budget spreadsheets across the en- 
terprise, one for every cost center. But having nu- 
merous spreadsheets makes it difficult to collect im- 
portant data. “Spreadsheets are great analysis tools, 
but at some point you start using them as a planning 


| system, and that’s where Excel starts breaking 


down,” says Jan-Willem Beldman, Mentor’s enter- 
prise data architect. 
So Mentor decided to use SAP AG software as a 


| centralized database of accounting transactions and 


Hyperion Solutions Corp. software as a budget plan- 
ning tool. The Hyperion system allows Mentor 
to quickly do a what-if analysis of, say, changing 
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phisticated business analytic tool running 
against it,” Chen says. 

The goal is to use a yet-td=be-selected ana- 
lytic application to automate much of the 
standard analyses currently done by the Excel 
spreadsheets while providing capabilities that 
go beyond what a standard spreadsheet can 
do. “Using Excel to generate business analyt- 
ic reports will be phased out” over a period of 
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employee benefits in various countries. “These are 
things you might be able to model in Excel, but if you 
have a lot of details, it’s much more than you could 
have in a spreadsheet,” says Beldman. 


COMPLIANCE. Having financial data in a hodgepodge 
of spreadsheets also makes it hard to maintain one 
version of the truth [QuickLink 43119], which is im- 
portant for complying with the law. For example, the 
Sarbanes-Oxley Act requires companies to maintain 
a good audit trail, and generating such a trail is diffi- 
cult to do with Excel, Beldman says. 

“With financial data, the risk of using spreadsheets 
is too high under Sarbanes-Oxiey,” says Hamerman. 
“Let’s say you use spreadsheets for consolidations of 
financial reporting. I think there’s a chance for errors 
to occur in the spreadsheet formulas in this environ- 
ment. That’s a risk the company shouldn't take.” 


DIRTY DATA. “One major issue with spreadsheets is 
poor data quality. As you make changes or add infor- 
mation, your spreadsheet will have errors or mis- 
matched formulas,” says Ed Chen, director of IT at 
KQED Inc., which operates public television and ra- 
dio stations in San Francisco. 

That’s why some users are moving from decentral- 
ized data held in spreadsheets to a centralized data- 
base. “The quality of data improves greatly because 
you have much more control of the different calcula- 
tions,” Beldman says. 

Spreadsheet incompatibilities can even cause con- 
flicts within a company. “If I have developed a 
spreadsheet, I trust my spreadsheet more than yours, 
even if yours [is really] more accurate. That creates 
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political problems,” observes Shaku Atre, president 
of Atre Group Inc., a database and business intelli- 


, gence consultancy in Santa Cruz, Calif. 


Reality Check 


To some extent, the criticism — it’s been called “the 


| demonization of spreadsheets” — comes from ven- 


dors pushing their own, more expensive financial 
software, such as business performance management 
software. Vendors put out press releases with head- 
lines like “Spreadsheets Out, Hyperion In” and “Ex- 
tensive Reliance on Spreadsheets Dulls CFOs’ Strate- 
gic Edge,” while arguing that spreadsheets won't help 
companies comply with the Sarbanes-Oxley Act. 

“Only to a degree is that true.” says Chris lervo- 
lino, head of ITEC Consulting Inc. in White Plains, 
N.Y. He says it’s true that spreadsheets aren't a good 
corporate data store, and they aren't good for manag- 
ing processes like planning and budgeting because 
there’s too much error-prone manual work involved 
For Sarbanes-Oxley compliance, it’s easier for execu- 
tives to sign off on the integrity of a financial process 
if it’s fully automated, without manual! steps like in 
spreadsheets, lervolino says. 

“But that doesn’t mean spreadsheets are down and 
out,” he continues. lervolino and other observers say 
the future of the spreadsheet is as a user interface for 
manipulating data extracted from a central, back-end 
database. “{Spreadsheets] are a great manipulation 
and analysis tool; they're not such a great database,” 
says Beldman at Mentor Graphics. 

Besides, it would be hard to snatch spreadsheets 
away from the power users. “You'd have to pull the 
spreadsheets from the cold, dead hands of the ana- 
lysts,” lervolino quips. That’s why the vendors of 
even the most sophisticated business performance 
management tools have interfaces for connecting to 
spreadsheets — it’s a market requirement. 

“People can quickly become computer-literate 
[with spreadsheets]. They feel empowered; their 
confidence is boosted,” Atre says. 

So be prepared for resistance when moving to a 
centralized system. “Trying to get peopie not to save 
data locally and not to do their own spreadsheets is a 
cultural problem based on 15 years of PC use,” Gart- 
ner’s Silver says. 

Although spreadsheets have significant shortcom- 
ings, they provide enough benefits — usability, what- 
if analysis and presentation graphics — that most ob- 
servers say they'll be around for the foreseeable fu- 
ture. “They will persist as an interface that people 


| will continue to use to manipulate and store data,” 


says Herbert A. Edelstein, president of Two Crows 
Corp., a data mining consultancy in Potomac, Md. “I 
can’t envision a world where the spreadsheet will 
disappear.” 

Prashant Dholakia, senior vice president at Free- 
Markets Inc., a procurement services provider in 
Pittsburgh, isn’t so sure. Someday, large corporations 
may have to consider a postspreadsheet world, Dho- 
lakia says. “Spreadsheets can go only so far,” he says. 


| “Something will have to replace it, but there’s no 


consensus of what that is.” © 46772 





Horowitz is a freelance business and technology writer 
in Salt Lake City. Contact him at alan@ahorowitz.com. 
Additional reporting by Mitch Betts. 
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Citron Named 
CTO at Rodale 


Rodale Inc., a publisher of self- 
help books and magazines in Em- 
maus, Pa., announced that Ken 
Citron has been named senior 
vice president and chief technolo- 
ay officer. Citron will have world- 
wide responsibility for IT strategy 
and all IT functions, including edi- 


torial, financial, marketing, distri- | 


bution and fulfillment systems. 
Prior to joining Rodale, Citron 
served as senior vice president 
of information systems at Sony 
Music Entertainment Inc. 


Schnier to Head 
VeriFacts IT Staff 


Cynthia Schnier has joined the 
management team of VeriFacts 
Automotive LLC as CIO. Newport 
Beach, Calif.-based VeriFacts 
provides technical and training 
services to the collision repair in- 
dustry. Schnier will design and 
implement workflow and man- 
agement reporting systems. She 
previously served as CIO at Insur- 
ance Auto Auctions Inc. 


Washington Mutual | 


Names New CIO 


Debora Horvath has been appoint- 
ed executive vice president and 
CIO at Washington Mutual inc., a 
financial services retailer in Seat- 
tle. Horvath is a 25-year veteran 
of General Electric Co., where she 
was CIO at GE Insurance and GE 
Financial Assurance. Former 
Washington Mutual CIO Jerry 
Gross has become executive vice 
president of technology. He will 
focus on special projects. 


Yaros Will Lead 
Pinnacle IT Group 


As part of a restructuring, Justin 
Yaros has joined Pinnacle Sys- 
tems Inc. in Mountain View, 
Calif., as ClO. Pinnacle provides 
digital media creation, storage 
and playback products. Yaros 
previously served as CIO at Sony 
Pictures Entertainment. 
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ent Isa 
eam Effort 


HE IT PRESS IS FULL of articles on align- 
ing IT with the strategy of the corpora- 
tion. The questions abound: “How do we 
align our projects with corporate priori- 
ties?” “How do we know we’re working 
on the right projects?” “Why doesn’t management feel 


good about IT?” 


Guess what: IT seems to be the only department in 
most companies that worries about this. Have you ever 
heard questions about whether Finance was aligned? 


Or Sales? Or Operations? 
Or Legal? Of course not. 
If they’re not working on 
strategic projects or proc- 
esses, the CEO will find 
new leaders who will. 

In many ways, IT gets 
the same treatment. If we 
aren’t working on the 
strategic projects, the CIO 
gets replaced. But replacing 
the CIO won't solve the 
problem if the company 
doesn’t understand how to 
align IT with the business. 

Alignment isn’t easy. It requires that 
senior management be prepared to 
approach IT in a different way. It re- 
quires that IT get its fair share of exec- 
utive time, which it deserves, since IT 
spends from 2% to more than 10% of 
the revenue line. It depends on the 
recognition that not only is IT essen- 
tial to the corporate strategy, often- 
times it is the strategy. 

As is usually the case, real change 
starts at the top. If IT isn’t working on 
the strategic projects, look at how 
projects are initiated. Often, senior 
executives are uncomfortable manag- 
ing IT and abdicate the responsibility 
for the strategic automation agenda to 
the CIO. If that occurs, the process is 
doomed to fail. 





Certainly, the CIO will 
try to determine the most 
strategic projects to take 
on, but he will have an im- 
possible time trying to se- 
lect one over another. In- 
deed, the very process of 
making this selection is 
full of political pitfalls that 
could crush most CIOs. 
Would you want to be the 
CIO who tells one depart- 
ment that its critical proj- 
ect is less important than 
another’s? 

Instead, strategic prioritization is a 
legitimate and required role of the cor- 
porate officers. The size of the compa- 
ny doesn’t matter. Bigger companies 
have bigger projects, but the principle 
is the same. If the strategic IT priori- 
ties are determined by a consensus of 
the officer group, then IT can never be 
blamed for not being aligned. It’s as 
simple (or as difficult) as that. 

The role of IT in this type of situa- 
tion is a little bit different. First of all, 
IT must be aware of new technologies 
and be prepared to present new op- 
portunities to user management. 

But if IT can’t convince user man- 
agement of a worthwhile technology 
opportunity, it shouldn’t waste its time 
there. Even smart IT people may not 





fully understand the intricacies of 


| each user department, and the tech- 
nology may not be appropriate for that 
| department at that particular time. Re- 
| member, line management runs the 


company, not IT. Go to another de- 
partment where automation efficiency 
is understood and supported and the 
timing is better. 

Once a user department shows in- 
terest in a project, IT can provide sup- 
port, but the user department must 
take the responsibility to sell the proj- 
ect internally and calculate the return 
on investment. IT analysts can do 
much of the legwork here, but the 
ROI calculation includes the total 
costs to be saved within the depart- 
ment, not just the cost of IT. And user 
management must be committed to 
realizing the ROI. 

What is IT’s role in all this? We 
must be sure we understand the users’ 
needs and the needs of the system, 
and we must make good estimates of 
both time and money. We must ensure 
that we have a stable IT environment, 
and we must be sure that the systems 
we build will be efficient. We must 
work on the retention of our technical 
staff so that projects roll out on sched- 
ule and our IT departments have con- 
tinuity of knowledge. 

This approach gets the entire com- 
pany involved in IT project manage- 
ment, from the CEO and the officer 
group to the individuals working in 
the department. The result is that IT 
is strategically aligned, just as Finance, 
Operations, Legal and Sales are. What 
a concept! @ 46101 


NO MORE IT PROJECTS 


You should stop putting an “IT” label on business projects 
just because they involve an element of technology, says 
Maryfran Johnson: QuickLink 45747 


WANT OUR OPINION? 


For more columns and links to our archives, go to 
www.computerworld.com/opinions 








Got Questions About 
Network Consolidation? 


Computerworld’s IT Executive Summit Has the Answers 


If you're an IT executive* in an end-user Streamlining Networks and Data Centers: 


organization, apply to attend Computerworld’s | The Business Benefits of Consolidation 
upcoming enncaniarenid half-day summit 


on Network ( ation. New York City - June 1S, 2004 — 
ClOs and senior IT executives are finding that e ae 
consolidating high-performance networks can | 7., * - _ aes e 

a ‘ : ee ee ee =o : Y aa | Maryfran Johnson 
play a key role in improving business applica- Editor in Chief 
tion performance while significantly reducing | 8:15am to 8:45am Rebuilding the IT Foundation Computerworld 
operational costs. Maryfran Johnson, Editor in Chief, Computerwor 


The proliferation of network capacity and relat- | 8:45am to 9:15a Infrastructure Makeover: Moving the 

ed storage and server infrastructure presents a | = -S. Air a Toward Network-Centric 

daunting challenge for today’s enterprises, pests oe ere Bee Cone 
many of which are positioning themselves for =| ‘ficer. U.S. Air Force | Brad Butler 


Deputy Chief 


growth yet still seeking to reduce IT costs | Information Officer 
where feasible. i yam to 9:45ar User Case Study | U-S. Air Force 


By leveraging the knowledge of industry am to 10:15¢ Refreshment and Networking Break « 
experts and the real-world experience and | a ; = 
advice of your IT peers, this IT Executive Customer Challenges and Solutions: 

a ; f ; Real-Life Scenarios Connecting Data 
Summit will provide an overview of effective Centers Over Distance Steve Adolph 


strategies for consolidating and connecting Steve Adolph, CTO, Enterprise Solutions Group, CIENA CTO, Enterprise 


> Solutions Group 
networks and data center applications. ; aa ee CIENA 
| 1 te : Network Consolidation and the Data 
Center: Boosting Business Performance 
*Complimentary registration and Application Availability 
is restricted to qualified j idk t Dp, : : 
IT executives only. ae ae} 


Strategies for Streamlining Key 
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Richard Villars 
Vice President, 
Storage Systems 
IDC 


Program Concludes 


Apply for registration today 
os more information or to apply, visit 
vw.itexecutivesummit.com/n¢ 


Exclusively sponsored by: 


COMPUTERWORLD 
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IT Careers: The Job Picture 


One of the most difficult skills to speak about in job 
interviews is the “think outside the box” ability. Miller says 
the best way to do this is for job candidates to explain to 
hiring managers an actual experience where they looked 
beyond the visible problem or challenge to create 
something much more valuable. “For instance, if you were 
asked to perform a maintenance update but along the way 
found that there was a better approach to integrate 
databases that had been stovepiped — that's an example of 
this thinking. It's what will differentiate you from the other 


Over the next three to five years, demand will be 
highest for information security, network 
design/administration, programming/software engineering 
job categories. 


is is the first of two articles that IT 

Careers will publish in cooperation with 
the Information Technology Association of 
America (ITAA) studies on 2004 job outlook and 
specifically the software development job 
category. “Hiring managers will view a straight technology 
worker as not being as valuable as one who understands 


While the information technology industry sector the business model and 


plunged from 2000 to 2003, international events created 
an increasing awareness that software development and 
technology infrastructure are critical to the nation’s security 
and global economic leadership. That was the focus of the 
recent National Software Summit, where participants 
tackled infrastructure trustworthiness and adequacy of 
current software research and development, but also 
maintaining the world’s leading software workforce. 


500 people who have applied for the same job.” 


The team did note that there is more focus on IT 


eat : professionals having more than one major area of study to 
Harris Miller, president of ITAA, worked with a team of 


leaders from IBM, Northrop Grumman and Microsoft as specific industry 
well as academia, to address the workforce issue and works,” says Miller. 
present findings at the summit. Key among the findings of “It's not about 


the team were: knowing every jot or 
e After a three-year slump, technology hiring is going jiggle but about the ability to interact 
up. internally and with customers and 
suppliers, to know how 
the industry is regulated. 
In the past, these skills were required only at the top end of 
the (IT) profession.” ITAA’s Global Outsourcing study found 
that the technical-only skills are most easily outsourced; the 
complexity of applying technology to create new business 
growth and opportunity is more valued and less likely 
to be outsourced. 


complement technical skills. “Everyone is talking about it,” 
Miller says," but it is not yet a dominant trend. Most 
companies, when running an ad to hire someone, run the 
same kind of ad listing technical skills. Companies on the 
cutting edge are trying to break into new areas of business 
and they're listing a broader set of capabilities required.” 

e IT workers need to be able to navigate across the 


economic range of opportunities, not just in 
technology companies. 


For more information about IT Careers 
advertising, please contact: Nancy Percival 
Vice President, Recruitment Advertising 
800.762.2977 

500 Old Connecticut Path 

Framingham, MA 01701 

Produced by Carole R. Hedden 


There's a need to prioritize the most important and 
credible certifications for hiring clarity. 


© Creativity and imagination — the ability to “think 
outside the box” are in high demand. 


SOFTWARE DEVELOPERS 


PRODUCT MANAGER, 
VECTOR 


ACS State and Local Solutions 
has a current opening in its 
Rockville, MD, office for a Senior 
Product Manager, VECTOR 


This individual will be responsi- 
ble for managing the VECTOR 
product line and services includ- 
ing developing comprehensive 
product roadmaps, conducting 
vendor analysis, participating in 
product release planning, man- 
aging product development and 
expansion and providing busi- 
ness development support, uti- 
lizing technologies including 
OpenVMS, HP-UX, Rdb, Oracie 
DB, Sun Universal Development 
Server (UDS), ClearCommerce 
9g, XML and 
Message Queue. Must 
manage the analysis and docu- 
mentation of VECTOR product 
cluding business requirements 
nd recommend 
solutions. Will c mine product 
scope and o! Ss. Will also 
manage subord managers 
essional technical staff 
to participate in trade 
review Request for 
Proposals (RFP), liaise with 
external vendors and develop 
presentations of proposals to 
clients 


1 requires a 
in Engineering or 

© Science discipline, 6 
mbined experience in 
software develop- 
product definition 

e and leading the 

and management of 

ware products. Prior experi- 


Collection Call Centers 
and Financia Processing. 
Settlement industries 


To be considered for this posi- 

Nn please go to www.acs- 

, Career Opportunities 

Openings, Rockvilie 

id click on Senior Product 

Manager, VECTOR, SL-TSS- 
TCC 22089, to apply on-line 


DATABASE ADMINISTRATOR 


Developing & maintaining MFG/ 
PRO modules - Inventory, Sales/ 
Distribution, Mfg., Accounts Pay- 
ables, Accounts Receivables 
Generai Ledger, Cost Mgmt. & 
Pricing. Developing reports & 
maintenance screens based on 
user requirements. Troubleshoo- 
ting user problems in the soft- 
ware. Developing/maintaining 
MFG/PRO - Point of Sale (POS) 
interface. PROGRESS program- 
ming & analysis; PROGRESS 
database mgmt. Legacy system 
conversion & implementation of 
MFG/PRO at acquisition compa- 
nies. Perform system administra- 
tion tasks for HP-UNIX servers. 
including install, manage & main- 
tain test & production database 
environments; database tuning 
develop/administer backup, re- 
store, disaster recovery proce- 
dures; create optimal database 
configuration to service business 
needs. Manage EMC storage 
system and Symmetrix software 
ORACLE PL/SQL programming 
Bachelor's degree in Computer 
Science, Engrg. or Bus. Admin 
plus 3 yrs. experience in offered 
position or as Database Adminis- 
trator, Technical Consultant, or 
Systems Analyst/Programmer 
required. Must know PROG- 
RESS programming language 
PROGRESS & SQL database 
mgmt.; ORACLE SQL & Micro- 
soft SQL software; HP-UNIX op- 
erating system (systems admin- 
istration, shell scripting, & Awk 
Sed language). Expertise re- 
quired with MFG/PRO integrated 
systems inventory, sales/distribu- 
tion, mfg. & cial modules in 
design, implementation & train- 
ng of users. 40 hr/wk, OT as 
required, 8am- 5pm. $65,558/yr 
Send resume to Ginny Burton 
#3883, Dept. for Employment 
Services, 275 E. Main St. 2-WA, 
Frankfort, KY 40621. Only per- 
sons with authorization to work 
permanently in the U.S. need 
apply. EQUAL OPPORTUNITY 
EMPLOYER 


SQL & Web Engineer wanted to 
develop & architect solutions for 
internal customers using compa- 
ny structured methodology, 3- 
tier architecture & one of the fol- 
lowing technologies: Lotus 
Script, Lotus formula language, 
ASP, COM+, VB; develop clear, 
concise & professional tech. & 
user documentation; lead & per- 
form the Bus. Analysis phase of 
projects incl. Reqt. Analysis, 
High Level Design, Workflow 
Analysis & Design, info. Flow 
Analysis & Design; effectively 
estimate solutions design & 
implementation for projects us- 
ing accurate time estimates. 
provide tech. support to client & 
IT mgmt. to ensure develop. of 
efficient application systems uti- 
lizing established standards 
procedures & SDLC methods; 
act as a point of contact for cus- 
tomer engagements; assist 
widevelop. of proposals; inte- 
grate disparate systems for vari- 
ous internal depts.; admin 

maintain & upgrade the 3rd party 
‘Perception’ Online Training 
Server & ali other 3rd party solu- 
tions; maintain & upgrade web 
App. iemplates using co. tem- 
plates; maintain & upgrade 
Microsoft IIS Web Apps. & Lotus 
Workflow Systems. Must have 
Bach. deg. in Comp. Sci., Eng 

or related field & 2 yrs. exp. 
developing data-driven web 
apps. on MS & Lotus platforms. 
including exp. w/ASP, VB, Lotus 
Script, Lotus Formula Lan- 
guage, & Lotus Notes/Domino 
Development. 40 hrs/wk. Sal- 
ary $70,000/yr. Send two res- 
umes to Case No. 200300027, 
Division of Career Services, 
Labor Certification Unit, 19 
Staniford Street, ist Floor, 
Boston, MA 02114 


Develop standard features, 
interfaces and complex modules 
for existing or new software 
products to provide major fea- 
ture implementation to client 
base of standard customers 
Actively participate in innovative 
new designs, technologies, 
research projects and their 
implementations. Learn new 
proprietary technologies and 
development tools, developed 
in-house, as well as adapt to 
non-SQL_ type databases 
Effectively convey expert 
research findings on complex 
technologies to a wide audi- 
ence. in order to emphasize 
quality, provide clear and com- 
plete models and documenta- 
tion. Develop utilities to assist in 
the quality control of the features 
developed (multiple openings) 
Requires 7 yrs of experience, or 
B.S. in Computer Science or 
related field and 5 yrs experi- 
ence, in job offered or software 
development. Experience must 
include 5 yrs programming in 
Delphi. Experience must also 
include: 2 yrs working with SQL 
databases (Sybase, Microsoft 
SQL Server, Oracle); developing 
client/server applications - both 
2 tier and 3 tier; development of 
middleware technologies 
(MIDAS, COM, CORBA, CGI 
ISAPI); and development in a 
Web environment (Active Server 
Pages, JavaScript). Must have 
proof of legal authority to work in 
the United States. Send resurre 
with SSN to Andrea Weston, 
Ontario Systems, 1150 West 
Kilgore Avenue, Muncie, IN 
47305. 


MAINFRAME ANALYST/PRO- 
GRAMMER: Writes, updates 
maintains programs written in 
COBOL/CICS for mainframe 
and financial services clients. 
Creates/maintains IDMS/R data- 
bases. Reviews work flow charts 
development by system ana- 
lys’programmers to under- 
Stand/advise on the computer 
tasks to perform. Creates 
description for programmers/ 
systems analysts to understand 
how program should access 
data. Writes physical database 
description to protect it from 
unauthorized access and tam- 
pering. Provides technical sup- 
port and guidance for COBOL 
systems. Coordinates changes 
in computer databases. Reviews 
changes in physical design of 
databases to assess effect on 
physical databases. Establishes 
computer access level for each 
segment of database. Specifies 
user access level for retrieval 
modification, deletion. Conducts 
quality control testing on codes 
and correcting errors. Enter 
codes to create production data- 
bases anid utilities programs to 
monitor performance of data- 
base. Modifies data in fine-tun- 
ing database operations 
Generates prototype for poten- 
tial clients to visualize applica- 
tions. Job is in Miami, FL. 40 hrs 
weekly, 9-5 pm. $61,000/yr. 
Bachelor's degree or equivalent, 
based on education or experi- 
ence in Computer Science or 
related field plus 2 years experi- 
ence in job offered. Mail resume 
to: SMX Services & Consulting, 
Inc., 7220 NW. 36th St., Suite 
#421, Miami, FL 33166. Attn 
Amneris Hampton 


Puzzled? 


itcareers.com can solve the 
labyrinth of job hunting 
by matching the right 
IT skills with the 
right IT position. 
Find out more at: 


www.itcareers.com 


Better address? Better compensation? Better training? Better get in 


www.itcareers.com 


Now powered by CareerJournal.com 
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SAP Senior Consultant 


GlaxoSmithKline Research 
Triangle Park, NC. Provide 
expert second line support using 
business pro: s and 
Production Planning, Execution, 
and New Product Introduction 
("PP/ PP-PI") application knowl- 
edge for pharmaceutical compa- 
ny. Solve complex and original 
problems and provide expert 
technical guidance on PP/PP-PI 
processes. Carry out detailed 
impact assessments for pro- 
posed change requests, pro- 
pose alternative cost-effective 
solutions where appropriate and 
lead, evaluate, develop, test and 
arrange release of develop- 
ments according to GSK valida- 
tion procedures. Work with other 
functions to identify opportuni 
ties for process improvement 
and assist in the implementation 
of those agreed Req 

Bachelor's or foreign equivalent 
in CS or Engineering. 3 years of 
experience in job offered or as 
SAP Consultant Following 
experience, which may have 
been obtained concurrently: 3 
years of experience in 
Production Planning, in specifi- 
cation and configuration of SAP 
(incl. version 4.6) and in SAP 
development in PP/PP-P! areas 
2 years of experience in the 
pharmaceutical industry; and 2 
years of experience in the selec- 
tion, configuration, implementa- 
tion and maintenance of PP/PP- 
PI systems 


GSK is dedicated to an innova- 
tive workplace and supports you 
with career-long opportunities & 
learning. We offer a competitive 
benefits and compensation 
package. For confidential con- 
sideration please forward 2 
copies of resume to: BHG Box 
34980, 220 E. 42nd St., 14th Fl 
NY, NY 10017. Indicating ad 
code “SAPSC" is essential 
Principals only, no agencies 
GSK is proud to promote an 
open culture, encouraging peo- 
ple to be themselves and giving 
their ideas a chance to flourish 
GSK is an equal opportunity 
employer. 


Programmer Analyst/ 
Consumer Website 
Developer 


Cablevision 


Our leading telecommunica- 
tions and entertainment compa- 
ny has an excellent opportunity 
for a professional to develop ap- 
plications and provide technical 
assistance to support consumer 
websites. A solid understanding 
of object oriented programming 
is mandatory. A minimum of 2 
years experience with Java, 
J2EE, along with familiarity with 
ATG, BEA, IBM, Tomcat and 
JRUN required. ATG consumer 
experience strongly preferred 
Prior background in XML tech- 
nologies including XSL, Soap 
and Web services desired. A 
thorough understanding of rela- 
tional database structures and 
concepts, database administra- 
tion, SQL and Oracle program- 
ming along with application de- 
velopment required. Experience 
developing and deploying web 
applications in a multi-tiered 
distribution environment highly 
desired. 


Position also requires a BS/BA 
degree or equivalent work ex- 
perience including technical 
training. A minimum of 2 years 
systems analysis and program- 
ming experience a must. Prov- 
en hands-on background with 
ATG Dynamo Consumer Com 
merce Suite and Dynamo Appii- 
cation server is preferred 


Competitive salary and excel- 
lent benefits. 


Email resume wi/salary 
history and job code: 
#0524CW0003CAM 
to: careers@cablevision.com 


EOE 
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Sr. Business Intelligence 
Knowledgebase Analyst wanted 
to mng. & oversee corp. knowl- 
edgebase & bus. intel. solutions: 
identify & prioritize need areas 
w/in overall organizational archi- 
tecture to design solutions & 
provide solution guidance from 
conception to completion; ana- 

e, design, dev., test, imple- 
ment & maintain knowledgebase 
mngmt. sys., knowl. databases. 
bus. intel. apps., & data ware- 
house arch.; analyze & consoli- 
date corp. knowledgebase (incl. 
Finance, Sales, HR, Cust. Serv. 
Procurement, Eng. Services 
etc.) in various formats for data 
warehouse arch.; dev. reporting 
& analysis tools for the co.'s bus. 
intel., incl. global sales budget & 
profit contrib... sales comp., pay- 
roll time tracking, quality control. 
procurement & supply chain, & 
corp. oper. expense budget & 
bus. unit income contrib.. using 
Oracle Enterprise Resource 
Planning Application (ERP) & 
underlying database design 
PL/SQL, Java, Visual Basic & 
Unix shell; utilize Oracle 
Electronic Transfer & Loading 
Utility & Oracle Warehouse 
Builder (OWB) to consolidate 
corp. sales data in various for- 
mats; implement automated 
report distribution; categorize 
Plasma tech. & corp. training 
data into digitized formats & cre- 
ate underlying databases: 
design & implement web-based, 
graphic user interfaces for info 
access & retrieval using 
PUSQL, Java, Java Script, JSP, 
HTML, XML, Oracle Application 
Server (OracleAS) & Oracle 
Portal on Windows & Unix plat- 
forms; design & develop 
Extranet & Internet using digital 
info. mgmt. Must have Master's 
deg. in Comp. Sci., Info. Mgmt 
or related field & 2 yrs. of exper. 
designing, developing & main- 
taining knowledgebase mngmt 
sys. & data warehouse apps 
using Web interfacing tools, as 
well as exper. using ERP, 
OracleAS, Oracie Portal, Oracle 
Database 7 to 9i, OWB & Oracle 
Developer & exper. program- 
ming w/Java Serviet, JSP, XML 
& Unix Shell 40/hr/wk 
$68,000/yr. Send 2 resumes to 
Job Order #2004-367, P.O. Box 
989, Concord, NH 03302-0989 


Sr. Network Consultant sought 
by software consulting company 
in Denver, CO to work in 
Cupertino, CA and other unan- 
ticipated job sites in the U.S. to 
at a senior level, be responsible 
for network development, instal- 
lation, testing and administra- 
tion. Analyze user requirements 
for network bandwidth and secu- 
rity for Local and Wide area net- 
works. Develop network archi- 
tecture for Cisco networks: 
based on Ethernet, Gigabit 
Ethernet, ATM, Packet over 
SONET (PoS) and Frame Relay 
using Cisco routers, Switches 
and Firewalls for Local and Wide 
Area Networks (LAN & WAN). 
Develop and implement routing 
protocols such as Open 
Shortest Path First (OSPF), 
Routing Information Protocol 
(RIP), Enhanced Interior 
Gateway Protocol (EIGRP) and 
Border Gateway Protocol (BGP) 
for routing Transmission Control 
Protocol and Internet Protocol 
(TCP/IP) in large LANs and 
WANs. Create and implement 
plans for network security. 
Provide training and support and 
engage in project management 
as required. Requires master's 
or equivalent in Electronics and 
Communication or related field: 
specifically requires master's 
degree or foreign equivalent or a 
bachelor's degree or foreign 
equivalent plus 5 yrs. exp.; 2 yrs: 
network administration experi- 
ence; working knowledge of 
Cisco networks, EIGRP, OSPF 
and frame relay. The 2 yrs net- 
work administration experience 
may be concurrent with the 5 yrs 
required for the master's. M-F; 
8am-5pm; $75,000/yr. Respond 
by resume to Employment 
Programs, PO Box 46547 
Denver, CO 80202 and respond 
to JON CO5077643. 


Chief Operating Officer. Direct 
the Management of German 
owned subsidiary cor 

cializing in the d 
customization and ir 

tion of Customer Rel: 
Management ("“CRM" 


Liaison with German pz 
company responsible for prepar- 
ing reports in 

corporate and f 
tions, strategic planning 
profitability for German execu 
tives, owners and 

bers. Must hav 

degree or fore’ 

business 

concentra 

ence or a rel 

years of executive or mai 

al level experience managing 
software systems dev 

or a Bachelor's degree 


Experience must 
2 years of executiv 


annual revenues exceeding $10 
million 


Vice President of Professional 
Services. Direct the Manage- 
ment of the design, develop- 
ment, customization and imple- 
mentation of multi-million dollar 
Customer Relationship Manage- 
ment ("CRM") systems from pre- 
sales through post 

port, including techr 
specification, pro; 

pricing and contract negotiation 
and client relations; manage 
CRM Project Managers 
Engineers and other technical 
support staff, providing technical 
guidance to development and 
implementation teams in the US 
and Germany; serve as Chief 
Technical Liaison to German 
Parent Company, responsible 
for co-development of systems 
solutions and training of US staff 
on systems develop 
Germany. Must have ten years 
of executive or managerial level 
experience managing software 
systems development. if inter- 
ested, submit resume in dupli- 
cate to 


Ms. Cassandra M. Stewart 
Human Resources and 
Office Manager 
CAS Systems of America, Inc. 
1100 Abernathy Road 
Building 500, Suite 750 
Atlanta, Georgia 30328 


Software Engineer 
InterContinental Hotels Group 
is seeking qualified applicants 
for positions at the company's 
North American headquarters 
in Atianta. Develop real-time 
fevenue management applica- 
tions for use in multi-platform 
environment. Requires rele- 
vant degree and experience 
with revenue management 
systems for hospitality/tourism 
incustry. Apply to Francene 
Taylor, Six Continents Hotels 
Inc., Three Ravinia Drive 
Suite 100, Atlanta, Georgia 
30346 


Software Engineer to perform 
sys lvl prod testing, which in- 
cludes network comm. & connec- 
tivity tests; equipment initializa- 
tion & setup tests; sys, integra 
tion, & component ivi functional 
tests; user interface testing 
regression tests; & version com- 
patibility tests; perform prod de- 
sign, sys analysis & prog activi- 
ties. Bach in CS/EE/related field 
+ 4 yrs exp + knowledge of SQA 
concepts and telecomm stan- 
dards (SS7, TCAP, ISUP, IS41P. 
1S826 & IS771) + exp w/ scripting 
languages (Bourne, Sheil, C- 
Shell, Perl, C++) req'd. Forward 
2 resumes to Lightbridge, Inc. 
320 Interlocken Pkwy, Broom- 
field, CO 80021, Attn: Pat 
Jensen. Job # 1465.0051 
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For over 20 years, Syntel employees across North America, Europe, and 
Asia have helped build advanced information technology systems for lead- 
ing Fortune 500 companies and government organizations to improve their 
efficiency and competitiveness. Today, Syntel professionals are building 
rewarding careers by providing solutions in e-business, CRM, Web Design 
and Data Warehousing. 


Come discover why Forbes magazine placed Syntel second on its list of 
“The 200 Best Small Companies in America” and Business Week ranked 
us #11 on its list of Hot Growth Companies. 


Due to our rapid growth, we have immediate, full-time opportunities for 
both entry-level and experienced Software Engineers, Consultants, 
Programmers, Programmer/Analysts, Project Leaders, Project Managers, 
Supervisors, Database Administrators, Computer Personne! Managers 
and Computer Operations/Account Managers/Account Executives with 
any of the following skills: 


Mainframe 
* IMS DB/DC or DB2, MVS/ESA, 
COBOL, CICS 


DBA 
* ORACLE or SYBASE 


Client-Server/WEB 

* Siebel 

* Websphere 

* Com/DCom 

* Web Architects 

¢ Datawarehousing 

® Informix, C or UNIX 

* Oracle Developer or Designer 2000 

e JAVA, HTML, Active X 

¢ Web Commerce * Visual Basic 

¢ SAP/R3, ABAP/4 or FICO or MM © PowerBuilder 
&SD ° |EF 


¢ Focus, IDMS or SAS 


* Oracle Applications & Tools 

* Lotus Notes Developer 

* UNIX System Administrator 

e UNIX, C, C++, Visual C++, CORBA, 
OOD or OOPS 

© WinNT 

* Sybase, Access or SQL server 

© PeopleSoft 


Account Executives, Account Managers and 


Business Development/Account Specialist 
positions available. 


Some positions require a Bachelor's degree, others a Master's degree. We also 
accept the equivalent of the degree in education and experience. 


With Syntel (NASDAQ: SYNT, you'll enjoy excellent compensation, full benefits, 
employee stock purchase plan and more. Please forward your resume and 
salary requirements to: Syntel, Inc., Attn: Recruiting Manager-LD05, 

525 E. Big Beaver, Suite 300, Troy, Mi 48083. Phone: 248-619-2800; 
Fax: 248-619-2888. Equal Opportunity Employer. 


SYN TEL 


www.syntelinc.com 
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ebel Systems, In nas an 
nty for a Technical Instructor 

n Atlanta, GA. Consitng cross- 
fxnly w/Delivery Mgrs to gain 
knwidge of specific custmr & 
prtnr education prjct rqrmnts. 
processes&procedures as they 
relate to proprietary sftwr 
appictns reqrng impintn & traing 
Providng tech consitn & educa- 
tion on the prep of tech traing 


grp traing on proprietary 
$64K/yr. Req 
BAVBS or equiv +2. Client/server 
tn, RDMS&cr a 
modeing & instructional design 
cncpts. Please 
CW-2521 & apply online 
to http/Awww.siebel.com/adresume 
or forward your resume to 
Systems, Inc 
Recruiting 
diNte Parkway. 
CA 94404. EEOE 


elop & lement in p 
tive & self-adaptive hardware & 
ftware sys. Design 
& evaluate new pr 


lized 
resume to 


usiness Man- 


p t 1g, includ- 
onal testing, installation 
legration testing . 
stress/load 

ation leve' 

patch test- 


> ust have Bach in 
related field + 2 yrs SQA 
»wiedge of SQA con- 
at 
nstal- 
le DB, and w 
Forward 


t, maintain 
S systems 
Jtions 


Bachelor's degree or 
require 

or equi. Min 

Adequate industry experi- 
b may involve working 


cations throughout 


Systems, | 
ville Rd. Suite 200 
Lisle, IL 60532 


IT Education & Training Directory 


Contact the companies listed below 
to help you with your training needs! 


IT;/Careers 


SYSTEM ADMINISTRTOR to 
maintain and develop Gentran 
Director EDI electronic data 
inter-exchange system with new 
and existing customers; develop 
Barcodes solutions; support 
Macola, SalesLogix, e-synergy 
ERP and CRM systems; support 
Citrix, Nfuse and terminal server 
applications; manage Windows 
Mobile Smartphone and Exch- 
ange 2003 integrated Mess- 
aging system; maintain Nortel 
phones, PBX and other voice 
communication systems; man- 
age Windows 2003 Avtive 
Diretory, SQL Server and 
Backup Exec. Require: B.S. in 
Computer Science/information 
Systems. Competitive salary 
offered. Mail resume to: Attn 
Vice President, EA International 
Ltd, 1050 Northbrook Parkway, 
Suwanee, GA 30024 


Software Engineers needed 
in Milwaukee, WI. Seeking 
candidates possessing MS 
or equiv. and rel. work exp 
Duties include: Analyze, 
design, develop, implement 
and test software applica- 
tions. Exp must include 2 
years working with RDBMS 
Mail resume, ref and salary 
reqs to: Systems People, 
Inc., 1200 New Rodgers 
Road, #C7B, Bristol, PA 


ata Corp. seeks applicants 
position of Software 


data cent st switches 

that allow connectivity between 

hosts and storage devices 

ires bachelor's in computer 

cience; 2 yrs exp working as a 

ftwar engineer in Fibre 
and SAN te 


knowledge 


ASICs, operating system inter- 
nals and writing device drivers 
for LINUX or any flavor of 
UNIX). Respond by resume to 
Whittle, McData Corp 
Interlocken Crescent 

CO 80021 and refer 


ENG. Jr. Software Engineer. 
Assist in writing comp pro- 
grams that translate system 
codes/spec of CDR, CDRW 
DVD+R, +RW, ROM & RAM 
Drives. Generate specifica- 
tions for user appl. Assist in 
prototyping, refining, testing & 
debugging. Req: Bachelor's in 
Comp Sci/Comp Eng. 40 
hrs/wk. Job/interview site 
Anaheim, CA. Resume to 
Digital Peripheral Solutions. 
Inc. @ POBox 27684 
Anaheim, CA 92809 


Programmer/Analyst Wash- 
ington, DC. Assist Team Leader 
in EAI project architecture elab- 
oration, design & development 
designing processes based on 
automatic UML models transla- 
tion & code generating Reqd 
B.S.C.S & 2 yrs exp including 
exp in J2EE, XML, Oracle, MS 
SQL, UML, IBM Web Sphere, 
Code generators M-F, 
40/hrs/wk. Send resume to S 
Arsenyev, EastBanc  Tech- 
nologies, LLC, Ref. #99A1,3307 
M Street, N.W., Suite 200 
Washington, DC 20007 


PROGRAMMER/ANALYST 


Plan, devel, test, documnt comp 
sftwr using XML, JSP, EJB 
JDBC, ASP, VB6, COM objects. 
XSL, Java Serviets Javascripts. 
DHTML, Linux, CSS, WebLogic 
& WebSphere w/ORACLE & 
SYBASE db's in Win & Unix 
envir. Bach degr & 2 yrs exp 
reqd. Send resume to 


HR Dept., Fulcrum Logic, Inc 
Short Hills P' 

636 Morris Turnpike, Suite 2J 

Short Hills, New Jersey 07078 


COMPUTERS - Software En- 
gineers needed. Seeking qua 
candidates possessing MS or 
equiv. and/or rel. work exp. Part 
of the req. rel. exp. must include 
2 yrs. working with MS Visual 
Interdev & Visual Basic. Duties 
include: Design & develop call 
center/CRM software solutions 
Plan & architect multi-tiered 
native & web applications; Work 
with Borland Delphi, MS Visual 
Studio.NET, Visual Basic 
ASP.NET, MS Visual Interdev 
Crystal Reports & SQL Server. 
Knowledge of ‘C' desirable 
Fwd. resume & ref. to 
Sigmaworx, Inc., Attn: HR, 1515 
Kimberly Rd., Davenport, IA 
7 


LABORATORY NETWORK 
ENGINEER for local drug and 
alcohol testing laboratory. B.S 
degree in Computer Science 
Engineering required. Minimum 
2 years experience developing 
software and managing .T. 
infrastructure. Experience with 
SQL Server development and 
administration, Unisyn Auto- 
mate, and SoftVelocity’s Clarion 
preferred. Send resumes to 


Midwest Toxicology 
Services, Inc 
H.R. Manager 
603 E Washington St 
Suite 200 
Indianapolis, IN 46204 


Lace ners eR eeyee 


R&D Algorithm Engineer 


To design and implement algo- 
rithms for machine vision in 
manufacturing industries and 
participate in all stages of devel- 
opment process from require- 
ments capture to final testing 
Req. a Master degree in Com- 
puter Science, Electrical Engin- 
eering or related field, proficien- 
cy in Visual C++, Matlab (Image 
Processing toolbox, etc.) and 
working knowledge of Pattern 
Recognition. 40 hrs/wk. Send 
resume and cover to Emory 
Berry, DVT Corporation, 1855 
Satellite Blvd, #100, Duluth, GA 
30097 


Systems Analysts (ERP/ 
Financials): Analyze, design & 
administer enterprise apps. 
and systems including finan- 
cials/transport Admin./Mgmt 
in Lawson Apps. (Financials/ 
Admin.), Oracle, SQL Server, 
Unix, AS400, COBOL, VB 
For complete job description 
or to apply, send resume/con- 
tact HR/IT-SA, URSI, 10701 
Middlebelt Road, Romulus 
MI 48174. No phone calls 
please. Principals only. EOE 


Systems Engineers needed 
MS/BS or equiv. or rel. work exp 

req. rel. work exp. must 

3 yrs working w/ Oracle 
Weblogic, & XML technologies. 
Duties incld: Design, configure 
program & implement ERP & 
web based systems; Develop 
standardized methods, tech. & 
protocols for data comm. (Incid 
data mapping); Provide tech 
expertise for customer system 
integration & end-to-end partner 
testing. Work w/ Unix, Java 
J2EE, JDBC, C+++ Oracle 8 (& 
above) Weblogic, Web-meth- 
ods, EDI & XML. Send res., ref. 
& sal. req. to Attn: HR Elemica 
Inc., 1200 Liberty Ridge Rd 
#120, Wayne, PA 19087 


Engineer (New York, NY): De- 
velop/implement ospective & 
self-adaptive hardware & soft- 
ware sys. Design, implement & 
evaluate new program repre- 
sentations. Consult w/ engi- 
neers & clients to enhance reli- 
ability, scalability & perfor- 
mance. Design systems & tech- 
niques to map applications on 
architectures. Must have M.S 
in Comp. Sci. or Elec. Eng., plus 
1 yr. specific experience. Send 
resume to Melanie Peters 
Business Manager, Reservoir 
Labs, Inc., 632 Broadway, Suite 
803, New York, NY 10012 


Dot Hill Systems seeks appli- 
cants for the position of Principal 
Firmware Engineer in Long- 
mont, CO to engage in design 
and development of software for 
network-based storage technol- 
ogy devices with embedded 
operating systems that utilize 
SCSI commands and protocols 
Specify, design, develop and 
analyze Cache and RAID (RAID 
level 5, 5+0, 1, 1+0) software 
algorithms and Failover and 
Failback software algorithms 
Position requires 6 yrs exp per- 
forming the duties and using the 
technologies above. Respond 
by resume to Eileen Jonikas, 
Dot Hill Systems, 7420 E. Dry 
Creek Parkway, Longmont, CO 
80503 


Seeking qualified applicants for 
the following positions in Orlando 
FL: Senior Programmer Analyst. 
Formulate/ define functional 
requirements and documentation 
based on accepted user criteria 
Requirements: Bachelor's degree 
or equivalent* in computer sci- 
ence, engineering, MIS or related 
field plus 5 years of experience in 
systems/applications develop- 


ment. Experience with C and/or 


C++, Java and UNIX also 
required ster's degree in 
appropriate field will offset 2 
years of general experience 
Submit resumes to LaWanda 
Thompson, FedEx Corporate 
Services, 1900 Summit Tower 
Bivd., Suite 1400, Orlando, FL 
32810. EOE M/F/D/V. 


Computer: Programmer An- 
alysts needed. Seeking qual 
candidates possessing BS or 
equiv. and/or rel. work exp 
Part of the req. rel. work exp. 
must include 2 yrs working 
w/ C++. Duties include: De- 
velop & test programs and 
software according to client 
projects; Perform regression, 
GUI & Functional tests. Work 
with C++, Oracle, PL/SQL, & 
Java. Send res., ref. & sal 
req. to: Software Galaxy 
Systems, LLC., 1703 Dahlia 
Cir., Dayton, NJ 08810 


Programmers needed. Seek- 
ing cand possessing BS or 
equiv and 2 years rel work 
exp. Our company will accept 
1 year of post baccalaureate 
experience in lieu of 1 year of 
required years of experience 
Duties include: Develop, 
modify and maintain pro- 
grams using Microsoft Visual 
Studio.NET, C#, Java, SQL 
Server and other advanced 
technologies. Mail resume, 
refs and salary reqs to: Digital 
Designs, 1501 Charlotte 
Ave., Monroe, NC 28110 


Multiple positions available 
for integrated credit card 
services company. Seeking 
Development Mgr. & Sr 
Team Leader. Positions 
require M.S. in Comp Sci 
plus 1 yr exp or alternative- 
ly B.S. plus 5 yrs exp. Must 
include VC++, MS-SQL, 
Stingray. Send resume to 
Dynamic Currency Conv- 
ersion, Inc., P.O. Box 1047, 
Nyack, NY 10960 


PROGRAMMER ANALYSTS 
for Chicago, IL office. Design & 
Develop software applications 
using Oracle, Sybase, XML 
Coolgen, interwoven, Clear- 
Case, ClearQuest, Plumtree, 
ITS, PVCS, UNIX. Bachelors 
or Equivalent req'd in Comput- 
ers, Engineering, Math or any 
related field of study + 2 yrs of 
related exp. 40 hrs/wk. Must 
have legal authority to work 
permanently in the U.S. Con- 
tact HR Manager, Regency 
Technologies, Inc., 3130 N 
Lake Shore Drive, # 1200 
Chicago, IL 60645 


Application Developer reqd for 
siware Co. in Boston, MA 
Duties: SystemStudy, dvip 
dsgn, review, rewrite, test & 
update applic for web based 
learning & impimt s/ware as per 
spec using JDK, JSP, Serviets 
EJB, JDBC, Swing, Visio 
Websphere and Weblogic 
Knowledge in Adaptive Learning 
Theories, Instructional Design 
SCORM 2004, IMSQTI, XML 
1EEE, AICC Compliance is a 
must. 2 yrs exp as prgmr or in 
field & Bach reqd. 40 hrs/wk, 9a- 
5p. Resumes to: IDL Systems 
Inc., 60 Mass Ave. Boston, MA 
02115 


Want a new 
‘IT career? 


Check out our jobs 
in the combined 
CareerJournal.com 


database. 


www. itcareers.com 


To place your ad please call 800-762-2977 


IPexpert, Inc. 
(866) 225-8064 
www. ipexpert.com 


CCIE (R&S, SEC, and C&S), CCSP, 
CCNP, CCNA, IP Telephony 


CBT Nuggets 
(888) 507-6283 & (541) 284-5522 
www.cbtnuggets.com 


Affordable training videos on CD 


MCSE, MCDBA, MCSD, CCNA, 
Citrix, Linux, A+, Net + 
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Programmer/Analyst to analyze. 


Nam StiGae = |ccson 


mai software applications 


ig: using Oracle CRM, Ore 
J2EE 


Oracle Workflow 


Framework, iStore-XML, Oracle 


Oracle Jonfigurat 


ROTOR  |o5: 


Store A 


CORBA 


Post your 
jobs here 
at: 


www.itcareers:com 


enterprise integration 
network vulnerabilities 
corporate data security 
government compliance 
mobile & wireless security 


business management needs 


The right IT professional 
can jump the hurdles of 
today’s IT challenges. 
Call: 

(800) 762-2977 


develop nstall and 


AVA, SQL, PL/SQL 


internet company seeks 
Ph.D. Research Engin- 
eers responsible for 
innovative research 
Interested 
should send resumes 
to: K. Wolfe; 1600 
Ampitheatre Parkway 
Mt. View, CA 94043 
Visit www.google.com 
for additional informa- 


applicants 


Keytone 

Technologies Inc. 
is hiring Software 
Engineers Send 
resumes to 3140 De 
La Cruz Blvd, Suite 
200, Santa Clara 
CA 95054. May be 
placed at client sites 
nationwide 


ecm a 


‘or some posi 
tions. Co titive salary. Please 
apply at bapujik@yahoo.com 
No calls. EOE 


Corporate Computer Services 
(CCS) has multipie openings for 
S em/Programmer Anaiysts. 

W Engineers, both entry & ex- 
perienced levels (minimum BS) 
Use skills C/C++, VB, Oracle 
etc. We are smaii but we do not 
lay off Attractive wage w/ bene- 
fits. Apply HR@ccsiusa.net 
EOE 


Software/project engineers and 
system/program analysts want- 
ed Wiztech, Inc. Duties include 
design and develop software. 
database, programming using 
various tools such as Oracle. 
Java, VB, Web technology. Must 
have MS/BS with experience 
Apply at hr@iwiztech.com 
EOE. No calls 
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EPL. Inc 

Pkwy, Ste 400, Birmingnam 
35242; Attn: Job NB 
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» Katz 
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Avenue. 





Send 
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Cisco Code 


worse than has come out so 
far,” he said. 

Unidentified attackers last 
week stole an unspecified 
amount of source code for 
Cisco’s Internetworking Oper- 
ating System 12.3 and 12.3T 
software, which is widely used 
in switches and other net- 
working equipment. A Russian 
Web site posted about 13MB of 
what it claimed was the stolen 
code on May 15, saying that as 
much as 800MB of code ap- 
peared to have been stolen. 

Alexander Antipoy, a securi- 
ty expert at Moscow-based 
Positive Technologies, which 
owns the Web site that posted 
the code, claimed that the com- 
pany downloaded it via a link 
provided over an Internet Re- 
lay Chat channel by someone 
using the online name Franz. 

The supposed Cisco code 
samples, a copy of which was 
sent to Computerworld, were 


Continued from page I 


Sonar 


help integrate functions with- 
in each of the four offerings. 
In an interview last week, 
Yogesh Gupta, CA's chief tech- 
nology officer, focused mainly 
on one of the new tools — an 
add-on to CA’s Unicenter NSM 
product that’s called Smart- 
BPV, shorthand for Smart Bus- 
iness Process Views. 
SmartBPV, which is in limit- 
ed beta testing, is designed to 
automatically create and up- 
date graphical views of the 
servers, routers and other de- 
vices on corporate networks 
and show IT managers which 
business processes they sup- 
port, Gupta said. For example, 
it could identify all the Micro- 
soft Exchange servers on a 
network, as well as connected 
networking devices, he said. 
“Once this SmartBPV is 
matured, it will be a big, big 





removed from Positive Tech- 
nologies’ site at Cisco’s re- 
quest on May 18, Antipov said. 

In a prepared statement 
posted on its Web site last 
week, Cisco confirmed that a 
“portion” of IOS code had 
been illegally copied and pub- 
licly posted for several days. It 
appeared that the occurrence 
was not the result of flaw in 
any Cisco product or service, 
the note said. It is also unlikely 
that the action was taken by a 
Cisco employee or contractor, 
it added. The company re- 
fused to provide any further 
details, citing an ongoing in- 
vestigation into the matter, but 
said it believed that “the im- 
proper publication of this in- 
formation does not create in- 
creased risk to customers’ Cis- 
co equipment.” 

“We will continue to closely 
monitor this matter and pro- 
vide updates as appropriate 
to customers,” a company 
spokesman said. 

The theft raises security 
concerns, especially since Cis- 


deal,” said Chris Poole, a se- 
nior analyst at Convergys 
Corp. in Jacksonville, Fla., 
and president of the Florida 
CA Users Group. Poole said 
he wants systems manage- 
ment tools that can detect 
packets being sent across net- 
works from specific applica- 
tions or databases to help him 
quickly spot and locate prob- 
lems when they arise. 

Poole, who plans to attend 
this week’s CA World confer- 


Other Sonar Tools 


= Unicenter Application Per- 
formance Monitor, for identify- 
ing the IT components involved 
in transactions and monitoring 
response times. Due for beta test- 
ing this summer. 

= Change Impact Analyzer, an 
add-on to Unicenter ServicePlus 
Service Desk for evaluating the 
business impact of planned net- 
work changes. Due this summer. 


co’s tech- 
nology is 
widely used on 
corporate networks, users said. 

“Now that the code is avail- 
able to scrutinize, it will be 
easier to find holes to exploit,” 
said Jon Duren, chief technol- 
ogy officer at IdleAire Tech- 
nologies Corp., a Knoxville, 
Tenn.-based provider of elec- 
trification services. 

“This issue has caused [us] 
to re-evaluate our access con- 
trol lists on the routers, and 
on devices surrounding our 
routers, to ensure that they are 
solid,” Duren said. 

A similar incident involving 


ence in Las Vegas, said he en- 
visions using SmartBPV to 
pinpoint a specific instance of 
an Oracle or SAP application 
that’s encountering problems 
on a server that’s running 10 
different installations of the 
same application, for example. 
He said he is currently able to 
use the Unicenter tools only 
to locate the server that is re- 
porting the trouble. 


A Wider View 


Hamed Omar, senior vice 
president of technology infra- 
structure at Sallie Mae Inc., 
said the educational loan pro- 
vider has been running Smart- 
BPV in a test lab for about six 
weeks and will probably roll it 
out in the fall. 

Sallie Mae’s network has 
about 10,000 components, said 
Omar, who works at the com- 
pany’s offices in Fishers, Ind. 
He noted that SmartBPV and 
related Unicenter tools should 
give him a view of all the net- 





A sample of the 
source code allegedly 
stolen from Cisco 


the theft of Microsoft Corp. 
source code for Windows N71 
and Windows 2000 in Febru- 
ary led to the discovery of a 
remotely executable flaw in 
the company’s Internet Ex- 
plorer browser software 
{QuickLink 44787]. 

The stolen Cisco code 
could be investigated for simi- 
lar flaws or somehow exploit- 
ed to create back doors or to 
fool users into downloading 
malicious patches or Trojan 
horse programs, security ex- 
perts said. 

In the Microsoft incident, 
the stolen code was freely 
available for download. In con- 


work devices and how they re- 
late to business processes, “so 
that when I make a change to 
a component, I know the com- 
plete business service at risk.” 
AmeriCredit Corp. may re- 
place homegrown tools with 
SmartBPV, said Charles Kruse, 
vice president of IT services 
at the Fort Worth, Texas-based 
automobile financing firm. 
AmeriCredit wants to guaran- 
tee response times for Web- 
based loan applications and is 
deploying Unicenter NSM at 
its 90 branch offices to help 
make that possible, he said. 
Kruse added that the compa- 
ny’s IT staff could use Smart- 
BPV to make sure the branch- 
es have the network and com- 
puting resources they need 
should problems develop. 
Sonar is based on technolo 
gy CA bought from Raytheon 
Co. last year. The Sonar-based 
products CA is developing 
automate the process of data- 
packet analysis, said Dennis 
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trast, the Cisco source code 
hasn't resurfaced following its 
brief public airing on the Russ- 
ian Web site. 

Another difference between 
the two incidents is that the 
Cisco source code could be a 
lot more difficult to exploit 
than the Microsoft code, 
which was “complete and rea 
sonably easy to work with,” 
said Johannes Ullrich, chief 
technology officer at the 
SANS Internet Storm Center 
in Quincy, Mass. 

“Just the same, we still have 
to be aware of the possibility 
of a security issue arising as a 
result of the theft,” said Ed 
ward York, CTO at 724 Inc., 
an application service pro- 
vider in Lompoc, Calif 

This is especially true given 
the lack of information com- 
ing from Cisco, users and ana- 
lysts said. Gartner’s Pescatore 
noted that the question that 
always gets raised when inci- 
dents such as this occur is, “If 
this got out, what else was go- 


ing on?” @ 47039 


Drogseth, an analyst at Enter- 
prise Management Associates 
Inc. in Boulder, Colo. Rival 
management tool vendors 
such as IBM and Hewlett- 
Packard Co. are working on 
similar technology, he said. 

Also at the conference, CA 
will announce plans to better 
integrate its four main product 
lines. In addition, it will try 
to reassure users who have 
concerns about last month’s 
ouster of Sanjay Kumar from 
his position as CEO in connec- 
tion with investigations of 
CA's accounting practices 
[QuickLink 46761]. 

Poole, Omar and Kruse all 
said that they think CA is suf- 
ficiently addressing the man- 
agement and accounting is- 
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So Much junk 


T’S GOOD THAT Tim Berners-Lee has come out against creat- 
ing lots of new top-level domains. In April, Berners-Lee wrote 
a white paper titled “New Top Level Domains Considered 
Harmful,” in which he said adding new TLDs alongside .com, 
.org and .net should be done only after careful thought and 
when there’s a clear benefit to users. He especially doesn’t like the 
proposed .mobi TLD for Web pages aimed at cell phones and other 
mobile devices. And he repeated his criticism last week at the 13th 
International World Wide Web Conference in New York. 
Of course, some people have been saying for years that new TLDs 
are a bad idea. Yes, Tim, it’s good you’ve joined us. 
But it’s probably too late to matter. 


Mission-critical 

Programmer pilot fish takes over the critical code for 
transmitting settlements on a major e-commerce net- 
work. “I kept noticing one function in the link file out- 
put named OCRAP that didn’t seem to be called any- 
where,” fish says. He finally tracks down the two-line 
long routine: “printf (°O crap, what am | doing 
here\n”); exit 1;” Says fish, “I renamed the code.” 


the manager 
called the po- 
lice back to ask 
when he could 
; get his laptop, they re- 
; what officer?’ ” 


No 


It’s Sarbanes-Oxley 

: rules finds an oddity: 

: be performed by only 
says a pilot fish there. “It : four users. But if those 
was years before some- : users’ IDs are deleted, 
one pointed out that the : everyone in the company 
their hinges on the out- : permission. “In these 
side, requiring onlya —_: days of massive layoffs, 
hammer and screwdriver : it could happen,” says 
i fish. “However, it’s not 
: often when a company 
: wants all of its employ- 
? ees to have access to 
: payroll transactions.” 


: Thanks, Boss 

:? Boss asks sysadmin pilot 
reports it stolen. “That —_: fish to write a request 
night, he gota phone __: for bids for a telecom 
call from a person saying : system. “I tell him | don’t 
he was a police officer: know much about this 
and they caught aman: area and would like 
with his laptop,” says an : some guidance,” says 
insider pilot fish. “The —_: fish. “He says he’s not 


OK, that’s putting it too strongly. Berners-Lee | es. People didn’t want .junk or .bunk at the end 
invented the Web. When he speaks about the | of their Web addresses. They wanted .com. 
Users weren’t pushing for more TLDs either. 

The biggest proponents of new TLDs were 

would-be registrars who figured .com was a 

gold mine, so there must be money in .junk too. 

If Berners-Lee had come out forcefully in 
1997 against adding lots of new TLDs, people 
might have listened. He might have been able 
to stop the .junk madness before all the lawsuits 
over which new TLDs to add, and when. And 
before businesses wasted so much money on 
junk domain names they didn’t need but had 
to buy to protect their trademarks. 

Or maybe it wouldn’t have mattered. In any 
case, we know how it turned out: The market- 
place spoke, and it said “dot-com.” The .junk 
TLDs never took off. They’re still out there — 
they’re just a nuisance. 

And .mobi? Sure, it’s good to have Berners- 
Lee campaigning against it. It’s a bad idea to 
wall off “mobile” Web content from the rest of 
the Web. And not just because it breaks the 


Internet, people pay attention. So it does matter 
that he thinks it’s an especially bad idea to cre- 
ate a mobile-devices ghetto on the Web with 
-mobi. He’s afraid we'll lose the device indepen- 
dence that’s always a goal of the Web, even if 
it’s not always perfectly achieved. 

The whole idea is that you can see the same 

Tes age a a TU anrac “ ‘ . > 
Web page on a PC, a TV screen, a handheld or to pop the hinge pins.” 
Just the Facts 
Regional manager at a 
retail chain forgets his 
first laptop on a store 
counter. When he re- 
turns, it’s gone, so he 


any other Web device, no matter the screen size 
or resolution or other factors. Ghettoize mobile 
devices, and you’ve broken the way the Web 
functions. That’s Tim’s point, and he’s right. 

But Tim, where were you when we needed 
you — in 1997? 

That was the year the Internet’s movers and 
shakers decided we should have more domain 
names. Lots more. The Internet Society and the 
Internet Assigned Numbers Authority wrote 
the stupefyingly titled “Memorandum of Un- 
derstanding on the Generic Top Level Domain 
Name Space of the Internet Domain Name Sys- 


tem” (abbreviated — honest! — as 
gTLD-MoU). 

The purpose of the gTLD-MoU 
was to push for more TLDs to join 
.com, .org and .net. How many 
more? Seven to start, but the gTLD- 
MoU-ers figured the Internet would 
eventually need hundreds of them 
“to provide a sufficiently rich name 
space as Internet exponential 
growth continues.” 

Too bad they weren’t paying at- 
tention. By 1997, .com was already 
the default TLD for Web browsers 
and the preferred TLD for business- 


FRANK HAYES, Computer- 
world's senior news colum- 
nist, has covered IT for more 
than 20 years. Contact him at 
frank_hayes@computerworld.com. 


Web’s device independence. 

It’s a bad idea because it’s anoth- 
er waste. Cell phones and wireless 
handhelds need less and less spe- 
cial treatment. Their connections 
keep getting faster. Their proces- 
sors keep getting more powerful. 
Their screens keep getting bigger 
— and within a few years, we could 
have mobile devices with “virtual 
screens” an inch across that read 
like a 19-in. monitor. 

Who'll need .mobi then? Nobody. 

It’ll be just so much more .junk. 


@ 47009 


officer said the manag- 
er’s business card was 
taped to the laptop, and 
if he knew the laptop’s 
password, the officer 

would know it was his. 
The manager gave him 
the password. The offi- 


: going to help me - | 

: should be able to do this 
: on my own.” But at the 
: next meeting, boss has a 
: don’t know what I'm 

: doing,” sighs fish, “and 
: Lam doing too much re- 


TELL ME WHAT'S DOING. Send your true tale of IT 


life to me at sharky@computerworld.com. You score 
a sharp Shark shirt if | use it. And check out the daily feed, 





browse the Sharkives and sign up for Shark Tank home de- 
livery at computerworld.com/sharky. 
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As Chief Security Officer at Exostar, Jeff Nigriny has a lot on his mind. After all, clients like Rolls-Royce place 


their trust in Exostar’s online collaboration tools. One breach, and years of work, perhaps billions in assets, might 


SECURITY 


be campromised. But with VeriSign’s Intelligence & Control” Services, Nigriny has been freed. Freed from 


SEXYS Ae 
oH worrying about the day-to-day issues, like tracking intruders and maintaining the firewall. And freed to pursue 
new strategies and product applications leveraging the real-time information and 
response capabilities he now gets from VeriSign. He’s probably working on other VeriSi 
initiatives as well, but he didn’t mention them. This guy knows how to keep a secret. The Value of Trust 
Sd To learn more about VeriSign’s new intelligence & Control Services for Network Security, visit www.verisign.com 
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With SAS® software’s new Intelligence Platform, you can... 
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INTELLIGENT 

SAS introduces a software breakthrough for sharing mission-critical intelligence, in just the right 
context, with everyone from executives to knowledge workers. And for increasing the value of your 
IT investment every step of the way— from aggregating and ensuring the quality of data, from any 
source, to transforming that data into predictive insight using the world’s best analytics. Can one 
intelligence platform truly fit all your needs, within IT and across your enterprise? Let us prove it. 
Call toll free 1 866 791 3183 or visit our Web site. 
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